bump version to v0.3.19

move to new repo

.github/ISSUE_TEMPLATE/1-bug_report.yml

@@ -11,14 +11,14 @@ body:
 
         **在提交 Issue 之前，请确认以下事项**：
         1. 我**确认**已尝试过使用当前最新版本，并能复现问题。由于开发者精力有限，非当前最新版本的问题将被直接关闭，感谢理解。
-        2. 我**确认**已搜索过[已有的 Issues](https://github.com/usual2970/certimate/issues)（包括已关闭的），没有类似的问题。
+        2. 我**确认**已搜索过[已有的 Issues](https://github.com/certimate-go/certimate/issues)（包括已关闭的），没有类似的问题。
         3. 我**确认**已阅读过[文档](https://docs.certimate.me/)，没有类似的问题。
         4. 请**务必**按照模板规范详细描述问题，否则 Issue 将会被直接关闭。
         5. 请保持每个 Issue 只包含一个缺陷报告。如果有多个缺陷，请分别提交 Issue。
 
         **Before you submit the issue, please make sure of the following checklist**:
         1. Yes, I'm using the latest release and can reproduce the issue. Issues that are not in the latest version will be closed directly.
-        2. Yes, I've searched for [existing issues](https://github.com/usual2970/certimate/issues) (including closed ones) on GitHub and didn't find any similar.
+        2. Yes, I've searched for [existing issues](https://github.com/certimate-go/certimate/issues) (including closed ones) on GitHub and didn't find any similar.
         3. Yes, I've read the [documentation](https://docs.certimate.me/en/) and didn't find any similar.
         4. Please describe the problem in detail according to the template specification, otherwise the issue will be closed directly.
         5. Please limit one report per issue.
@@ -76,5 +76,5 @@ body:
     attributes:
       label: 贡献 / Contribution
       options:
-        - label: 我乐意为此贡献代码！ / I am interested in contributing to this issue!
+        - label: 我乐意为此贡献 PR！ / I am interested in contributing a PR for this!
           required: false

.github/ISSUE_TEMPLATE/2-feature_request.yml

@@ -11,14 +11,14 @@ body:
 
         **在提交 Issue 之前，请确认以下事项**：
         1. 我**确认**是基于当前最新大版本而提出的新功能请求或改进意见。
-        2. 我**确认**已搜索过[已有的 Issues](https://github.com/usual2970/certimate/issues)（包括已关闭的），没有类似的问题。
+        2. 我**确认**已搜索过[已有的 Issues](https://github.com/certimate-go/certimate/issues)（包括已关闭的），没有类似的问题。
         3. 我**确认**已阅读过[文档](https://docs.certimate.me/)，没有类似的问题。
         4. 请**务必**按照模板规范详细描述问题，否则 Issue 将会被直接关闭。
         5. 请保持每个 Issue 只包含一个功能请求。如果有多个需求，请分别提交 Issue。
 
         **Before you submit the issue, please make sure of the following checklist**:
         1. Yes, I'm using the latest release.
-        2. Yes, I've searched for [existing issues](https://github.com/usual2970/certimate/issues) (including closed ones) on GitHub and didn't find any similar.
+        2. Yes, I've searched for [existing issues](https://github.com/certimate-go/certimate/issues) (including closed ones) on GitHub and didn't find any similar.
         3. Yes, I've read the [documentation](https://docs.certimate.me/en/) and didn't find any similar.
         4. Please describe the problem in detail according to the template specification, otherwise the issue will be closed directly.
         5. Please limit one request per issue.
@@ -48,5 +48,5 @@ body:
     attributes:
       label: 贡献 / Contribution
       options:
-        - label: 我乐意为此贡献代码！ / I am interested in contributing to this issue!
+        - label: 我乐意为此贡献 PR！ / I am interested in contributing a PR for this!
           required: false

.github/ISSUE_TEMPLATE/3-questions.yml

@@ -9,14 +9,14 @@ body:
 
         **在提交 Issue 之前，请确认以下事项**：
         1. 我**确认**正在使用的是当前最新版本。
-        2. 我**确认**已搜索过[已有的 Issues](https://github.com/usual2970/certimate/issues)（包括已关闭的），没有类似的问题。
+        2. 我**确认**已搜索过[已有的 Issues](https://github.com/certimate-go/certimate/issues)（包括已关闭的），没有类似的问题。
         3. 我**确认**已阅读过[文档](https://docs.certimate.me/)，没有类似的问题。
         4. 请**务必**按照模板规范详细描述问题，否则 Issue 将会被直接关闭。
         5. 请保持每个 Issue 只包含一个问题求助。如果有多个问题，请分别提交 Issue。
 
         **Before you submit the issue, please make sure of the following checklist**:
         1. Yes, I'm using the latest release.
-        2. Yes, I've searched for [existing issues](https://github.com/usual2970/certimate/issues) (including closed ones) on GitHub and didn't find any similar.
+        2. Yes, I've searched for [existing issues](https://github.com/certimate-go/certimate/issues) (including closed ones) on GitHub and didn't find any similar.
         3. Yes, I've read the [documentation](https://docs.certimate.me/en/) and didn't find any similar.
         4. Please describe the problem in detail according to the template specification, otherwise the issue will be closed directly.
         5. Please limit one question per issue.

.github/workflows/push_image.yml

@@ -32,8 +32,8 @@ jobs:
         uses: docker/metadata-action@v5
         with:
           images: |
-            usual2970/certimate
-            registry.cn-shanghai.aliyuncs.com/usual2970/certimate
+            certimate/certimate
+            registry.cn-shanghai.aliyuncs.com/certimate/certimate
           tags: |
             type=ref,event=branch
             type=ref,event=pr
@@ -61,4 +61,3 @@ jobs:
           platforms: linux/amd64,linux/arm64
           push: true
           tags: ${{ steps.meta.outputs.tags }}
-

.github/workflows/push_image_next.yml

@@ -31,8 +31,8 @@ jobs:
         uses: docker/metadata-action@v5
         with:
           images: |
-            usual2970/certimate
-            registry.cn-shanghai.aliyuncs.com/usual2970/certimate
+            certimate/certimate
+            registry.cn-shanghai.aliyuncs.com/certimate/certimate
           tags: |
             type=ref,event=tag,pattern={{version}}
           flavor: |

.github/workflows/release.yml

@@ -6,7 +6,7 @@ on:
       - "v[0-9]*"
 
 jobs:
-  goreleaser:
+  prepare-ui:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -19,28 +19,190 @@ jobs:
         with:
           node-version: 20.11.0
 
+      - name: Build WebUI
+        run: |
+          npm --prefix=./ui ci
+          npm --prefix=./ui run build
+
+      - name: Upload UI build artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: ui-build
+          path: ./ui/dist
+          retention-days: 1
+
+  build-linux:
+    needs: prepare-ui
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
           go-version-file: "go.mod"
 
-      - name: Build WebUI
-        run: |
-          npm --prefix=./ui ci
-          npm --prefix=./ui run build
-          npm cache clean --force
-          rm -rf ./ui/node_modules
-
-      - name: Check disk usage
-        run: |
-          df -h
-          du -sh /opt/hostedtoolcache/go/*
-
-      - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v5
+      - name: Download UI build artifacts
+        uses: actions/download-artifact@v4
         with:
-          distribution: goreleaser
-          version: latest
-          args: release --clean
+          name: ui-build
+          path: ./ui/dist
+
+      - name: Build Linux binaries
+        env:
+          CGO_ENABLED: 0
+          GOOS: linux
+        run: |
+          mkdir -p dist/linux
+          for ARCH in amd64 arm64 armv7; do
+            if [ "$ARCH" == "armv7" ]; then
+              go env -w GOARCH=arm
+              go env -w GOARM=7
+            else
+              go env -w GOARCH=$ARCH
+              go env -u GOARM
+            fi
+            go build -ldflags="-s -w -X github.com/certimate-go/certimate.Version=${GITHUB_REF#refs/tags/}" -o dist/linux/certimate_${GITHUB_REF#refs/tags/}_linux_$ARCH
+          done
+
+      - name: Upload Linux binaries
+        uses: actions/upload-artifact@v4
+        with:
+          name: linux-binaries
+          path: dist/linux/
+          retention-days: 1
+
+  build-macos:
+    needs: prepare-ui
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: "go.mod"
+
+      - name: Download UI build artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: ui-build
+          path: ./ui/dist
+
+      - name: Build macOS binaries
+        env:
+          CGO_ENABLED: 0
+          GOOS: darwin
+        run: |
+          mkdir -p dist/darwin
+          for ARCH in amd64 arm64; do
+            go env -w GOARCH=$ARCH
+            go build -ldflags="-s -w -X github.com/certimate-go/certimate.Version=${GITHUB_REF#refs/tags/}" -o dist/darwin/certimate_${GITHUB_REF#refs/tags/}_darwin_$ARCH
+          done
+
+      - name: Upload macOS binaries
+        uses: actions/upload-artifact@v4
+        with:
+          name: macos-binaries
+          path: dist/darwin/
+          retention-days: 1
+
+  build-windows:
+    needs: prepare-ui
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: "go.mod"
+
+      - name: Download UI build artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: ui-build
+          path: ./ui/dist
+
+      - name: Build Windows binaries
+        env:
+          CGO_ENABLED: 0
+          GOOS: windows
+        run: |
+          mkdir -p dist/windows
+          for ARCH in amd64 arm64; do
+            go env -w GOARCH=$ARCH
+            go build -ldflags="-s -w -X github.com/certimate-go/certimate.Version=${GITHUB_REF#refs/tags/}" -o dist/windows/certimate_${GITHUB_REF#refs/tags/}_windows_$ARCH.exe
+          done
+
+      - name: Upload Windows binaries
+        uses: actions/upload-artifact@v4
+        with:
+          name: windows-binaries
+          path: dist/windows/
+          retention-days: 1
+
+  create-release:
+    needs: [build-linux, build-macos, build-windows]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Download all binaries
+        uses: actions/download-artifact@v4
+        with:
+          path: ./artifacts
+
+      - name: Prepare release assets
+        run: |
+          mkdir -p dist
+          cp -r artifacts/linux-binaries/* dist/
+          cp -r artifacts/macos-binaries/* dist/
+          cp -r artifacts/windows-binaries/* dist/
+
+          find dist -type f -not -name "*.exe" -exec chmod +x {} \;
+
+          cd dist
+          for bin in certimate_*; do
+            if [[ "$bin" == *".exe" ]]; then
+              entrypoint="certimate.exe"
+            else
+              entrypoint="certimate"
+            fi
+
+            tmpdir=$(mktemp -d)
+            cp "$bin" "${tmpdir}/${entrypoint}"
+            cp ../LICENSE ../README.md ../CHANGELOG.md "$tmpdir"
+
+            if [[ "$bin" == *".exe" ]]; then
+              zip -j "${bin%.exe}.zip" "$tmpdir"/*
+            else
+              zip -j -X "${bin}.zip" "$tmpdir"/*
+            fi
+
+            rm -rf "$tmpdir"
+          done
+
+          sha256sum *.zip > checksums.txt
+
+      - name: Create Release
+        uses: softprops/action-gh-release@v2
+        with:
+          files: |
+            dist/*.zip
+            dist/checksums.txt
+          draft: true
         env:
           GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}

.goreleaser.yml

@@ -11,7 +11,7 @@ builds:
     main: ./
     binary: certimate
     ldflags:
-      - -s -w -X github.com/usual2970/certimate.Version={{ .Version }}
+      - -s -w -X github.com/certimate-go/certimate.Version={{ .Version }}
     env:
       - CGO_ENABLED=0
     goos:
@@ -30,6 +30,9 @@ builds:
       - goos: darwin
         goarch: arm
 
+# upx:
+#   - enabled: true
+
 release:
   draft: true
 
@@ -38,9 +41,9 @@ archives:
     builds: [build_noncgo]
     format: "zip"
     files:
-      - CHANGELOG.md
-      - LICENSE.md
+      - LICENSE
       - README.md
+      - CHANGELOG.md
 
 checksum:
   name_template: "checksums.txt"

CHANGELOG.md

@@ -1 +1 @@
-A full changelog of past releases is available on [GitHub Releases](https://github.com/usual2970/certimate/releases) page.
+A full changelog of past releases is available on [GitHub Releases](https://github.com/certimate-go/certimate/releases) page.

CONTRIBUTING.md

@@ -1,76 +1,106 @@
-# 向 Certimate 贡献代码
+# 贡献指南
 
-感谢你抽出时间来改进 Certimate！以下是向 Certimate 主仓库提交 PR（Pull Request）时的操作指南。
+非常感谢你抽出时间来帮助改进 Certimate！以下是向 Certimate 提交 Pull Request 时的操作指南。
 
-- [向 Certimate 贡献代码](#向-certimate-贡献代码)
-  - [前提条件](#前提条件)
-  - [修改 Go 代码](#修改-go-代码)
-  - [修改管理页面 (Admin UI)](#修改管理页面-admin-ui)
+我们需要保持敏捷和快速迭代，同时也希望确保贡献者能获得尽可能流畅的参与体验。这份贡献指南旨在帮助你熟悉代码库和我们的工作方式，让你可以尽快进入有趣的开发环节。
 
-## 前提条件
+索引：
 
-- Go 1.24+ (用于修改 Go 代码)
-- Node 20+ (用于修改 UI)
+- [开发](#开发)
+  - [要求](#要求)
+  - [后端代码](#后端代码)
+  - [前端代码](#前端代码)
+- [提交 PR](#提交-pr)
+  - [提交流程](#提交流程)
+- [获取帮助](#获取帮助)
 
-如果还没有这样做，你可以 fork Certimate 的主仓库，并克隆到本地以便进行修改：
+---
 
-```bash
-git clone https://github.com/your_username/certimate.git
-```
+## 开发
 
-> **重要提示：**
-> 建议为每个 Bug 修复或新功能创建一个从 `main` 分支派生的新分支。如果你计划提交多个 PR，请保持不同的改动在独立分支中，以便更容易进行代码审查并最终合并。
-> 保持一个 PR 只实现一个功能。
+### 要求
 
-## 修改 Go 代码
+- Go 1.24+（用于修改后端代码）
+- Node.js 22.0+（用于修改前端代码）
 
-假设你已经对 Certimate 的 Go 代码做了一些修改，现在你想要运行它：
+### 后端代码
 
-1. 进入根目录
-2. 运行以下命令启动服务：
+Certimate 的后端代码是使用 Golang 开发的，是一个基于 [Pocketbase](https://github.com/pocketbase/pocketbase) 构建的单体应用。
 
+假设你已经对 Certimate 的后端代码做出了一些修改，现在你想要运行它，请遵循以下步骤：
+
+1. 进入根目录；
+2. 安装依赖：
+   ```bash
+   go mod vendor
+   ```
+3. 启动本地开发服务：
    ```bash
    go run main.go serve
    ```
 
-这将启动一个 Web 服务器，默认运行在 `http://localhost:8090`，并使用来自 `ui/dist` 的预构建管理页面。
+这将启动一个 Web 服务器，默认运行在 `http://localhost:8090`，并使用来自 `/ui/dist` 的预构建管理页面。
 
-**在向主仓库提交 PR 之前，建议你：**
+> 如果你遇到报错 `ui/embed.go: pattern all:dist: no matching files found`，请参考“[前端代码](#前端代码)”这一小节构建 WebUI。
 
-- 使用 [gofumpt](https://github.com/mvdan/gofumpt) 对你的代码进行格式化。
+**在向主仓库提交 PR 之前，你应该：**
 
-- 为你的改动添加单元测试或集成测试（Certimate 使用 Go 的标准 `testing` 包）。你可以通过以下命令运行测试（在项目根目录下）：
+- 使用 [gofumpt](https://github.com/mvdan/gofumpt) 格式化你的代码。推荐使用 VSCode，并安装 gofumpt 插件，以便在保存时自动格式化。
+- 为你的改动添加单元测试或集成测试（使用 Go 标准库中的 `testing` 包）。
 
-  ```bash
-  go test ./...
-  ```
+### 前端代码
 
-## 修改管理页面 (Admin UI)
+Certimate 的前端代码是使用 TypeScript 开发的，是一个基于 [React](https://github.com/facebook/react) 和 [Vite](https://github.com/vitejs/vite) 构建的单页应用。
 
-Certimate 的管理页面是一个基于 React 和 Vite 构建的单页应用（SPA）。
-
-要启动 Admin UI：
-
-1. 进入 `ui` 项目目录。
-
-2. 运行 `npm install` 安装依赖。
+假设你已经对 Certimate 的前端代码做出了一些修改，现在你想要运行它，请遵循以下步骤：
 
+1. 进入 `/ui` 目录；
+2. 安装依赖：
+   ```bash
+   npm install
+   ```
 3. 启动 Vite 开发服务器：
-
    ```bash
    npm run dev
    ```
 
-你可以通过浏览器访问 `http://localhost:5173` 来查看运行中的管理页面。
+这将启动一个 Web 服务器，默认运行在 `http://localhost:5173`，你可以通过浏览器访问来查看运行中的 WebUI。
 
-由于 Admin UI 只是一个客户端应用，运行时需要 Certimate 的后端服务作为支撑。你可以手动运行 Certimate，或者使用预构建的可执行文件。
-
-所有对 Admin UI 的修改将会自动反映在浏览器中，无需手动刷新页面。
-
-完成修改后，运行以下命令来构建 Admin UI，以便它能被嵌入到 Go 包中：
+完成修改后，运行以下命令来构建 WebUI，以便它能被嵌入到 Go 包中：
 
 ```bash
 npm run build
 ```
 
-完成所有步骤后，你可以将改动提交 PR 到 Certimate 主仓库。
+**在向主仓库提交 PR 之前，你应该：**
+
+- 使用 [ESLint](https://github.com/eslint/eslint) 格式化你的代码。推荐使用 VSCode，并安装 ESLint+Prettier 插件，以便在保存时自动格式化。
+
+## 提交 PR
+
+在提交 PR 之前，请先创建一个 Issue 来讨论你的修改方案，并等待来自项目维护者的反馈。这样做有助于：
+
+- 让我们充分理解你的修改内容；
+- 评估修改是否符合项目路线图；
+- 避免重复工作；
+- 防止你投入时间到可能无法被合并的修改中。
+
+### 提交流程
+
+1. Fork 本仓库；
+2. 在提交 PR 之前，请先发起 Issue 讨论你想要做的修改；
+3. 为你的修改创建一个新的分支；
+4. 请为你的修改添加相应的测试；
+5. 确保你的代码能通过现有的测试；
+6. 请在 PR 描述中关联相关 Issue；
+7. 等待合并！
+
+> [!IMPORTANT]
+>
+> 建议为每个新功能或 Bug 修复创建一个从 `main` 分支派生的新分支。如果你计划提交多个 PR，请保持不同的改动在独立分支中，以便更容易进行代码审查并最终合并。
+>
+> 保持一个 PR 只实现一个功能或修复。
+
+## 获取帮助
+
+如果你在贡献过程中遇到困难或问题，可以通过 GitHub Issues 向我们提问。

CONTRIBUTING_EN.md

@@ -1,81 +1,106 @@
-# Contributing to Certimate
+# Contribution Guide
 
-Thank you for taking the time to improve Certimate! Below is a guide for submitting a PR (Pull Request) to the main Certimate repository.
+Thank you for taking the time to improve Certimate! Below is a guide for submitting a PR (Pull Request) to the Certimate repository.
 
-- [Contributing to Certimate](#contributing-to-certimate)
+We need to be nimble and ship fast given where we are, but we also want to make sure that contributors like you get as smooth an experience at contributing as possible. We've assembled this contribution guide for that purpose, aiming at getting you familiarized with the codebase & how we work with contributors, so you could quickly jump to the fun part.
+
+Index:
+
+- [Development](#development)
   - [Prerequisites](#prerequisites)
-  - [Making Changes in the Go Code](#making-changes-in-the-go-code)
-  - [Making Changes in the Admin UI](#making-changes-in-the-admin-ui)
+  - [Backend Code](#backend-code)
+  - [Frontend Code](#frontend-code)
+- [Submitting PR](#submitting-pr)
+  - [Pull Request Process](#pull-request-process)
+- [Getting Help](#getting-help)
 
-## Prerequisites
+---
 
-- Go 1.24+ (for Go code changes)
-- Node 20+ (for Admin UI changes)
+## Development
 
-If you haven't done so already, you can fork the Certimate repository and clone your fork to work locally:
+### Prerequisites
 
-```bash
-git clone https://github.com/your_username/certimate.git
-```
+- Go 1.24+ (for backend code changes)
+- Node.js 22.0+ (for frontend code changes)
 
-> **Important:**
-> It is recommended to create a new branch from `main` for each bug fix or feature. If you plan to submit multiple PRs, ensure the changes are in separate branches for easier review and eventual merge.
-> Keep each PR focused on a single feature or fix.
+### Backend Code
 
-## Making Changes in the Go Code
+The backend code of Certimate is developed using Golang. It is a monolithic application based on [Pocketbase](https://github.com/pocketbase/pocketbase).
 
-Once you have made changes to the Go code in Certimate, follow these steps to run the project:
+Once you have made changes to the backend code in Certimate, follow these steps to run the project:
 
 1. Navigate to the root directory.
-
-2. Start the service by running:
-
+2. Install dependencies:
+   ```bash
+   go mod vendor
+   ```
+3. Start the local development server:
    ```bash
    go run main.go serve
    ```
 
-This will start a web server at `http://localhost:8090` using the prebuilt Admin UI located in `ui/dist`.
+This will start a web server at `http://localhost:8090` using the prebuilt WebUI located in `/ui/dist`.
 
-**Before submitting a PR to the main repository, consider:**
+> If you encounter an error `ui/embed.go: pattern all:dist: no matching files found`, please refer to _[Frontend Code](#frontend-code)_ and build WebUI first.
 
-- Format your source code by using [gofumpt](https://github.com/mvdan/gofumpt).
+**Before submitting a PR to the main repository, you should:**
 
-- Adding unit or integration tests for your changes. Certimate uses Go’s standard `testing` package. You can run tests using the following command (while in the root project directory):
+- Format your source code by using [gofumpt](https://github.com/mvdan/gofumpt). Recommended using VSCode and installing the gofumpt plugin to automatically format when saving.
+- Adding unit or integration tests for your changes (with go standard library `testing` package).
 
-  ```bash
-  go test ./...
-  ```
+### Frontend Code
 
-## Making Changes in the Admin UI
+The frontend code of Certimate is developed using TypeScript. It is a SPA based on [React](https://github.com/facebook/react) and [Vite](https://github.com/vitejs/vite).
 
-Certimate’s Admin UI is a single-page application (SPA) built using React and Vite.
-
-To start the Admin UI:
-
-1. Navigate to the `ui` project directory.
-
-2. Install the necessary dependencies by running:
+Once you have made changes to the backend code in Certimate, follow these steps to run the project:
 
+1. Navigate to the `/ui` directory.
+2. Install dependencies:
    ```bash
    npm install
    ```
-
-3. Start the Vite development server:
-
+3. Start the local development server:
    ```bash
    npm run dev
    ```
 
-You can now access the running Admin UI at `http://localhost:5173` in your browser.
+This will start a web server at `http://localhost:5173`. You can now access the WebUI in your browser.
 
-Since the Admin UI is a client-side application, you will also need to have the Certimate backend running. You can either manually run Certimate or use a prebuilt executable.
-
-Any changes you make in the Admin UI will be automatically reflected in the browser without requiring a page reload.
-
-After completing your changes, build the Admin UI so it can be embedded into the Go package:
+After completing your changes, build the WebUI so it can be embedded into the Go package:
 
 ```bash
 npm run build
 ```
 
-Once all steps are completed, you are ready to submit a PR to the main Certimate repository.
+**Before submitting a PR to the main repository, you should:**
+
+- Format your source code by using [ESLint](https://github.com/eslint/eslint). Recommended using VSCode and installing the ESLint plugin to automatically format when saving.
+
+## Submitting PR
+
+Before opening a Pull Request, please open an issue to discuss the change and get feedback from the maintainers. This will helps us:
+
+- To understand the context of the change.
+- To ensure it fits into Certimate's roadmap.
+- To prevent us from duplicating work.
+- To prevent you from spending time on a change that we may not be able to accept.
+
+### Pull Request Process
+
+1. Fork the repository.
+2. Before you draft a PR, please open an issue to discuss the changes you want to make.
+3. Create a new branch for your changes.
+4. Please add tests for your changes accordingly.
+5. Ensure your code passes the existing tests.
+6. Please link the issue in the PR description.
+7. Get merged!
+
+> [!IMPORTANT]
+>
+> It is recommended to create a new branch from `main` for each bug fix or feature. If you plan to submit multiple PRs, ensure the changes are in separate branches for easier review and eventual merge.
+>
+> Keep each PR focused on a single feature or fix.
+
+## Getting Help
+
+If you ever get stuck or get a burning question while contributing, simply shoot your queries our way via the GitHub issues.

Dockerfile

@@ -13,7 +13,8 @@ WORKDIR /app
 COPY ../. /app/
 RUN rm -rf /app/ui/dist
 COPY --from=webui-builder /app/ui/dist /app/ui/dist
-RUN go build -o certimate
+ENV CGO_ENABLED=0
+RUN go build -ldflags="-s -w" -o certimate
 
 
 

LICENSE

@@ -1,5 +1,6 @@
 MIT License
 
+Copyright (c) 2025 certimate-go
 Copyright (c) 2024 Yoan.Liu
 
 Permission is hereby granted, free of charge, to any person obtaining a copy

Makefile

@@ -21,7 +21,8 @@ $(OS_ARCH):
 	@mkdir -p $(BUILD_DIR)
 	GOOS=$(word 1,$(subst /, ,$@)) \
 	GOARCH=$(word 2,$(subst /, ,$@)) \
-	go build -o $(BUILD_DIR)/$(BINARY_NAME)_$(word 1,$(subst /, ,$@))_$(word 2,$(subst /, ,$@)) -ldflags="-X main.version=$(VERSION)" .
+	CGO_ENABLED=0 \
+	go build -o $(BUILD_DIR)/$(BINARY_NAME)_$(word 1,$(subst /, ,$@))_$(word 2,$(subst /, ,$@)) -ldflags="-X main.version=$(VERSION) -s -w" .
 
 # 清理构建文件
 clean:

README.md

@@ -2,11 +2,11 @@
 
 <div align="center">
 
-[![Stars](https://img.shields.io/github/stars/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate)
-[![Forks](https://img.shields.io/github/forks/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate)
-[![Docker Pulls](https://img.shields.io/docker/pulls/usual2970/certimate?style=flat)](https://hub.docker.com/r/usual2970/certimate)
-[![Release](https://img.shields.io/github/v/release/usual2970/certimate?sort=semver)](https://github.com/usual2970/certimate/releases)
-[![License](https://img.shields.io/github/license/usual2970/certimate)](https://mit-license.org/)
+[![Stars](https://img.shields.io/github/stars/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate)
+[![Forks](https://img.shields.io/github/forks/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate)
+[![Docker Pulls](https://img.shields.io/docker/pulls/certimate/certimate?style=flat)](https://hub.docker.com/r/certimate/certimate)
+[![Release](https://img.shields.io/github/v/release/certimate-go/certimate?style=flat&sort=semver)](https://github.com/certimate-go/certimate/releases)
+[![License](https://img.shields.io/github/license/certimate-go/certimate?style=flat)](https://mit-license.org/)
 
 </div>
 
@@ -22,7 +22,7 @@
 
 做个人产品或者在中小企业里负责运维的同学，会遇到要管理多个域名的情况，需要给域名申请证书。但是手动申请证书有以下缺点：
 
-- 😱 麻烦：申请证书并部署到服务的流程虽不复杂，但也挺麻烦的，犹其是你有多个域名需要维护的时候。
+- 😱 麻烦：申请证书并部署到服务的流程虽不复杂，但也挺麻烦的，尤其是你有多个域名需要维护的时候。
 - 😭 易忘：另外当前免费证书的有效期只有 90 天，这就要求你定期的操作，增加了工作量的同时，你也很容易忘掉续期，从而导致网站访问不了。
 
 Certimate 就是为了解决上述问题而产生的，它具有以下优势：
@@ -39,7 +39,7 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决
 - 支持单域名、多域名、泛域名证书，可选 RSA、ECC 签名算法；
 - 支持 PEM、PFX、JKS 等多种格式输出证书；
 - 支持 30+ 域名托管商（如阿里云、腾讯云、Cloudflare 等，[点此查看完整清单](https://docs.certimate.me/docs/reference/providers#supported-dns-providers)）；
-- 支持 80+ 部署目标（如 Kubernetes、CDN、WAF、负载均衡等，[点此查看完整清单](https://docs.certimate.me/docs/reference/providers#supported-host-providers)）；
+- 支持 100+ 部署目标（如 Kubernetes、CDN、WAF、负载均衡等，[点此查看完整清单](https://docs.certimate.me/docs/reference/providers#supported-hosting-providers)）；
 - 支持邮件、钉钉、飞书、企业微信、Webhook 等多种通知渠道；
 - 支持 Let's Encrypt、Buypass、Google Trust Services、SSL.com、ZeroSSL 等多种 ACME 证书颁发机构；
 - 更多特性等待探索。
@@ -48,7 +48,7 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决
 
 **5 分钟部署 Certimate！**
 
-以二进制部署为例，从 [GitHub Releases](https://github.com/usual2970/certimate/releases) 页面下载预先编译好的二进制可执行文件压缩包，解压缩后在终端中执行：
+以二进制部署为例，从 [GitHub Releases](https://github.com/certimate-go/certimate/releases) 页面下载预先编译好的二进制可执行文件压缩包，解压缩后在终端中执行：
 
 ```bash
 ./certimate serve
@@ -71,10 +71,10 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决
 
 相关文章：
 
-- [使用 CNAME 完成 ACME DNS-01 质询](https://docs.certimate.me/blog/cname)
-- [v0.3.0：第二个不向后兼容的大版本](https://docs.certimate.me/blog/v0.3.0)
-- [v0.2.0：第一个不向后兼容的大版本](https://docs.certimate.me/blog/v0.2.0)
-- [Why Certimate?](https://docs.certimate.me/blog/why-certimate)
+- [《使用 CNAME 完成 ACME DNS-01 质询》](https://docs.certimate.me/blog/cname)
+- [《v0.3.0：第二个不向后兼容的大版本》](https://docs.certimate.me/blog/v0.3.0)
+- [《v0.2.0：第一个不向后兼容的大版本》](https://docs.certimate.me/blog/v0.2.0)
+- [《Why Certimate?》](https://docs.certimate.me/blog/why-certimate)
 
 ## ⭐ 运行界面
 
@@ -82,18 +82,19 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决
 
 ## 🤝 参与贡献
 
-Certimate 是一个免费且开源的项目，采用 [MIT License](./LICENSE.md)。你可以使用它做任何你想做的事，甚至把它当作一个付费服务提供给用户。
+Certimate 是一个免费且开源的项目。我们欢迎任何人为 Certimate 做出贡献，以帮助改善 Certimate。包括但不限于：提交代码、反馈缺陷、交流想法，或分享你基于 Certimate 的使用案例。同时，我们也欢迎用户在个人博客或社交媒体上分享 Certimate。
 
-你可以通过以下方式来支持 Certimate 的开发：
+如果你想要贡献代码，请先阅读我们的[贡献指南](./CONTRIBUTING.md)。
 
-- 提交代码：如果你发现了 Bug 或有新的功能需求，而你又有相关经验，可以[提交代码](CONTRIBUTING.md)给我们。
-- 提交 Issue：功能建议或者 Bug 可以[提交 Issue](https://github.com/usual2970/certimate/issues) 给我们。
+请在 https://github.com/certimate-go/certimate 提交 [Issues](https://github.com/certimate-go/certimate/issues) 和 [Pull Requests](https://github.com/certimate-go/certimate/pulls)。
 
-支持更多提供商、UI 的优化改进、Bug 修复、文档完善等，欢迎大家参与贡献。
+#### 感谢以下贡献者对 Certimate 做出的贡献：
+
+[![Contributors](https://contrib.rocks/image?repo=certimate-go/certimate)](https://github.com/certimate-go/certimate/graphs/contributors)
 
 ## ⛔ 免责声明
 
-Certimate 基于 [MIT License](https://opensource.org/licenses/MIT) 发布，完全免费提供，旨在“按现状”供用户使用。作者及贡献者不对使用本软件所产生的任何直接或间接后果承担责任，包括但不限于性能下降、数据丢失、服务中断、或任何其他类型的损害。
+Certimate 遵循 [MIT License](https://opensource.org/licenses/MIT) 开源协议，完全免费提供，旨在“按现状”供用户使用。作者及贡献者不对使用本软件所产生的任何直接或间接后果承担责任，包括但不限于性能下降、数据丢失、服务中断、或任何其他类型的损害。
 
 **无任何保证**：本软件不提供任何明示或暗示的保证，包括但不限于对特定用途的适用性、无侵权性、商用性及可靠性的保证。
 
@@ -104,8 +105,8 @@ Certimate 基于 [MIT License](https://opensource.org/licenses/MIT) 发布，完
 - [Telegram](https://t.me/+ZXphsppxUg41YmVl)
 - 微信群聊（超 200 人需邀请入群，可先加作者好友）
 
-  <img src="https://i.imgur.com/8xwsLTA.png" width="240"/>
+  <img src="https://i.imgur.com/8xwsLTA.png" width="200"/>
 
 ## 🚀 Star 趋势图
 
-[![Stargazers over time](https://starchart.cc/usual2970/certimate.svg?variant=adaptive)](https://starchart.cc/usual2970/certimate)
+[![Stargazers over time](https://starchart.cc/certimate-go/certimate.svg?variant=adaptive)](https://starchart.cc/certimate-go/certimate)

README_EN.md

@@ -2,11 +2,11 @@
 
 <div align="center">
 
-[![Stars](https://img.shields.io/github/stars/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate)
-[![Forks](https://img.shields.io/github/forks/usual2970/certimate?style=flat)](https://github.com/usual2970/certimate)
-[![Docker Pulls](https://img.shields.io/docker/pulls/usual2970/certimate?style=flat)](https://hub.docker.com/r/usual2970/certimate)
-[![Release](https://img.shields.io/github/v/release/usual2970/certimate?style=flat&sort=semver)](https://github.com/usual2970/certimate/releases)
-[![License](https://img.shields.io/github/license/usual2970/certimate?style=flat)](https://mit-license.org/)
+[![Stars](https://img.shields.io/github/stars/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate)
+[![Forks](https://img.shields.io/github/forks/certimate-go/certimate?style=flat)](https://github.com/certimate-go/certimate)
+[![Docker Pulls](https://img.shields.io/docker/pulls/certimate/certimate?style=flat)](https://hub.docker.com/r/certimate/certimate)
+[![Release](https://img.shields.io/github/v/release/certimate-go/certimate?style=flat&sort=semver)](https://github.com/certimate-go/certimate/releases)
+[![License](https://img.shields.io/github/license/certimate-go/certimate?style=flat)](https://mit-license.org/)
 
 </div>
 
@@ -39,7 +39,7 @@ Certimate aims to provide users with a secure and user-friendly SSL certificate
 - Supports single-domain, multi-domain, wildcard certificates, with options for RSA or ECC.
 - Supports various certificate formats such as PEM, PFX, JKS.
 - Supports more than 30+ domain registrars (e.g., Alibaba Cloud, Tencent Cloud, Cloudflare, etc. [Check out this link](https://docs.certimate.me/en/docs/reference/providers#supported-dns-providers));
-- Supports more than 80+ deployment targets (e.g., Kubernetes, CDN, WAF, load balancers, etc. [Check out this link](https://docs.certimate.me/en/docs/reference/providers#supported-host-providers));
+- Supports more than 100+ deployment targets (e.g., Kubernetes, CDN, WAF, load balancers, etc. [Check out this link](https://docs.certimate.me/en/docs/reference/providers#supported-hosting-providers));
 - Supports multiple notification channels including email, DingTalk, Feishu, WeCom, Webhook, and more;
 - Supports multiple ACME CAs including Let's Encrypt, Buypass, Google Trust Services，SSL.com, ZeroSSL, and more;
 - More features waiting to be discovered.
@@ -48,7 +48,7 @@ Certimate aims to provide users with a secure and user-friendly SSL certificate
 
 **Deploy Certimate in 5 minutes!**
 
-Download the archived package of precompiled binary files directly from [GitHub Releases](https://github.com/usual2970/certimate/releases), extract and then execute:
+Download the archived package of precompiled binary files directly from [GitHub Releases](https://github.com/certimate-go/certimate/releases), extract and then execute:
 
 ```bash
 ./certimate serve
@@ -65,14 +65,14 @@ Work with Certimate right now. Or read other content in the documentation to lea
 
 ## 📄 Documentation
 
-Please visit the documentation site [docs.certimate.me](https://docs.certimate.me/en/).
+For full documentation, please visit [docs.certimate.me](https://docs.certimate.me/en/).
 
 Related articles:
 
-- [使用 CNAME 完成 ACME DNS-01 质询](https://docs.certimate.me/blog/cname)
-- [v0.3.0：第二个不向后兼容的大版本](https://docs.certimate.me/blog/v0.3.0)
-- [v0.2.0：第一个不向后兼容的大版本](https://docs.certimate.me/blog/v0.2.0)
-- [Why Certimate?](https://docs.certimate.me/blog/why-certimate)
+- [_使用 CNAME 完成 ACME DNS-01 质询_](https://docs.certimate.me/blog/cname)
+- [_v0.3.0：第二个不向后兼容的大版本_](https://docs.certimate.me/blog/v0.3.0)
+- [_v0.2.0：第一个不向后兼容的大版本_](https://docs.certimate.me/blog/v0.2.0)
+- [_Why Certimate?_](https://docs.certimate.me/blog/why-certimate)
 
 ## ⭐ Screenshot
 
@@ -80,18 +80,19 @@ Related articles:
 
 ## 🤝 Contributing
 
-Certimate is a free and open-source project, licensed under the [MIT License](./LICENSE.md). You can use it for anything you want, even offering it as a paid service to users.
+Certimate is a free and open-source project, and your feedback and contributions are needed and always welcome. Contributions include but are not limited to: submitting code, reporting bugs, sharing ideas, or showcasing your use cases based on Certimate. We also encourage users to share Certimate on personal blogs or social media.
 
-You can support the development of Certimate in the following ways:
+For those who'd like to contribute code, see our [Contribution Guide](./CONTRIBUTING_EN.md).
 
-- **Submit Code**: If you find a bug or have new feature requests, and you have relevant experience, [you can submit code to us](CONTRIBUTING_EN.md).
-- **Submit an Issue**: For feature suggestions or bugs, you can [submit an issue](https://github.com/usual2970/certimate/issues) to us.
+[Issues](https://github.com/certimate-go/certimate/issues) and [Pull Requests](https://github.com/certimate-go/certimate/pulls) are opened at https://github.com/certimate-go/certimate.
 
-Support for more service providers, UI enhancements, bug fixes, and documentation improvements are all welcome. We encourage everyone to contribute.
+#### Contributors
+
+[![Contributors](https://contrib.rocks/image?repo=certimate-go/certimate)](https://github.com/certimate-go/certimate/graphs/contributors)
 
 ## ⛔ Disclaimer
 
-This software is provided under the [MIT License](https://opensource.org/licenses/MIT) and distributed “as-is” without any warranty of any kind. The authors and contributors are not responsible for any damages or losses resulting from the use or inability to use this software, including but not limited to data loss, business interruption, or any other potential harm.
+This repository is available under the [MIT License](https://opensource.org/licenses/MIT), and distributed “as-is” without any warranty of any kind. The authors and contributors are not responsible for any damages or losses resulting from the use or inability to use this software, including but not limited to data loss, business interruption, or any other potential harm.
 
 **No Warranties**: This software comes without any express or implied warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
 
@@ -102,8 +103,8 @@ This software is provided under the [MIT License](https://opensource.org/license
 - [Telegram](https://t.me/+ZXphsppxUg41YmVl)
 - Wechat Group
 
-  <img src="https://i.imgur.com/zSHEoIm.png" width="240"/>
+  <img src="https://i.imgur.com/zSHEoIm.png" width="200"/>
 
 ## 🚀 Star History
 
-[![Stargazers over time](https://starchart.cc/usual2970/certimate.svg?variant=adaptive)](https://starchart.cc/usual2970/certimate)
+[![Stargazers over time](https://starchart.cc/certimate-go/certimate.svg?variant=adaptive)](https://starchart.cc/certimate-go/certimate)

docker/docker-compose.yml

@@ -1,8 +1,8 @@
 version: "3.0"
 services:
   certimate:
-    image: registry.cn-shanghai.aliyuncs.com/usual2970/certimate:latest
-    container_name: certimate_server
+    image: certimate/certimate:latest
+    container_name: certimate
     ports:
       - 8090:8090
     volumes:

go.mod

@@ -1,4 +1,4 @@
-module github.com/usual2970/certimate
+module github.com/certimate-go/certimate
 
 go 1.24.0
 
@@ -6,7 +6,7 @@ toolchain go1.24.3
 
 require (
 	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.9.0
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.0
 	github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azcertificates v1.3.1
 	github.com/Edgio/edgio-api v0.0.0-workspace
 	github.com/G-Core/gcorelabscdn-go v1.0.31
@@ -14,58 +14,62 @@ require (
 	github.com/alibabacloud-go/apig-20240327/v3 v3.2.2
 	github.com/alibabacloud-go/cas-20200407/v3 v3.0.4
 	github.com/alibabacloud-go/cdn-20180510/v5 v5.2.2
-	github.com/alibabacloud-go/cloudapi-20160714/v5 v5.7.3
+	github.com/alibabacloud-go/cloudapi-20160714/v5 v5.7.4
 	github.com/alibabacloud-go/darabonba-openapi/v2 v2.1.7
 	github.com/alibabacloud-go/ddoscoo-20200101/v4 v4.0.0
-	github.com/alibabacloud-go/esa-20240910/v2 v2.32.0
+	github.com/alibabacloud-go/esa-20240910/v2 v2.33.0
 	github.com/alibabacloud-go/fc-20230330/v4 v4.3.5
 	github.com/alibabacloud-go/fc-open-20210406/v2 v2.0.12
+	github.com/alibabacloud-go/ga-20191120/v3 v3.1.8
 	github.com/alibabacloud-go/live-20161101 v1.1.1
 	github.com/alibabacloud-go/nlb-20220430/v2 v2.0.3
 	github.com/alibabacloud-go/slb-20140515/v4 v4.0.10
 	github.com/alibabacloud-go/tea v1.3.9
 	github.com/alibabacloud-go/vod-20170321/v4 v4.8.4
-	github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.2
+	github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.3
 	github.com/aliyun/aliyun-oss-go-sdk v3.0.2+incompatible
 	github.com/aws/aws-sdk-go-v2/service/acm v1.32.0
 	github.com/aws/aws-sdk-go-v2/service/cloudfront v1.46.1
-	github.com/baidubce/bce-sdk-go v0.9.226
+	github.com/aws/aws-sdk-go-v2/service/iam v1.42.0
+	github.com/baidubce/bce-sdk-go v0.9.228
+	github.com/blinkbean/dingtalk v1.1.3
 	github.com/byteplus-sdk/byteplus-sdk-golang v1.0.46
 	github.com/go-acme/lego/v4 v4.23.1
+	github.com/go-lark/lark v1.16.0
 	github.com/go-resty/resty/v2 v2.16.5
 	github.com/go-viper/mapstructure/v2 v2.2.1
-	github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.148
+	github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.150
 	github.com/jdcloud-api/jdcloud-sdk-go v1.64.0
 	github.com/libdns/dynv6 v1.0.0
 	github.com/libdns/libdns v0.2.3
 	github.com/luthermonson/go-proxmox v0.2.2
-	github.com/nikoksr/notify v1.3.0
 	github.com/pavlo-v-chernykh/keystore-go/v4 v4.5.0
 	github.com/pkg/sftp v1.13.9
 	github.com/pocketbase/dbx v1.11.0
-	github.com/pocketbase/pocketbase v0.28.0
+	github.com/pocketbase/pocketbase v0.28.2
 	github.com/povsister/scp v0.0.0-20250504051308-e467f71ea63c
 	github.com/qiniu/go-sdk/v7 v7.25.3
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.1155
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1161
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1162
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1166
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1173
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.1163
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live v1.0.1150
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf v1.0.1120
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.1124
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1162
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.1160
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.1162
-	github.com/ucloud/ucloud-sdk-go v0.22.35
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf v1.0.1172
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.1169
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1166
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.1164
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.1170
+	github.com/ucloud/ucloud-sdk-go v0.22.41
 	github.com/volcengine/ve-tos-golang-sdk/v2 v2.7.12
-	github.com/volcengine/volc-sdk-golang v1.0.207
-	github.com/volcengine/volcengine-go-sdk v1.1.7
+	github.com/volcengine/volc-sdk-golang v1.0.208
+	github.com/volcengine/volcengine-go-sdk v1.1.8
 	gitlab.ecloud.com/ecloud/ecloudsdkclouddns v1.0.1
 	gitlab.ecloud.com/ecloud/ecloudsdkcore v1.0.0
 	golang.org/x/crypto v0.38.0
 	golang.org/x/exp v0.0.0-20250506013437-ce4c2cf36ca6
-	k8s.io/api v0.33.0
-	k8s.io/apimachinery v0.33.0
-	k8s.io/client-go v0.33.0
+	k8s.io/api v0.33.1
+	k8s.io/apimachinery v0.33.1
+	k8s.io/client-go v0.33.1
 	software.sslmate.com/src/go-pkcs12 v0.5.0
 )
 
@@ -84,13 +88,11 @@ require (
 	github.com/alibabacloud-go/tea-utils/v2 v2.0.7 // indirect
 	github.com/avast/retry-go v3.0.0+incompatible // indirect
 	github.com/aws/aws-sdk-go-v2/service/route53 v1.50.0 // indirect
-	github.com/blinkbean/dingtalk v1.1.3 // indirect
 	github.com/buger/goterm v1.0.4 // indirect
 	github.com/diskfs/go-diskfs v1.5.0 // indirect
 	github.com/djherbis/times v1.6.0 // indirect
 	github.com/emicklei/go-restful/v3 v3.12.1 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
-	github.com/go-lark/lark v1.15.1 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
@@ -99,7 +101,6 @@ require (
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.16.0 // indirect
 	github.com/go-sql-driver/mysql v1.8.1 // indirect
-	github.com/go-telegram-bot-api/telegram-bot-api v4.6.4+incompatible // indirect
 	github.com/gofrs/uuid v4.4.0+incompatible // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
@@ -126,7 +127,6 @@ require (
 	github.com/qiniu/x v1.10.5 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
 	github.com/sirupsen/logrus v1.9.4-0.20230606125235-dd1b4c2e81af // indirect
-	github.com/technoweenie/multipartstreamer v1.0.1 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	go.mongodb.org/mongo-driver v1.17.2 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
@@ -195,12 +195,9 @@ require (
 	github.com/nrdcg/namesilo v0.2.1 // indirect
 	github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/spf13/cast v1.8.0 // indirect
 	github.com/spf13/cobra v1.9.1 // indirect
 	github.com/spf13/pflag v1.0.6 // indirect
-	github.com/stretchr/objx v0.5.2 // indirect
-	github.com/stretchr/testify v1.10.0 // indirect
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1128 // indirect
 	github.com/tjfoc/gmsm v1.4.1 // indirect
 	golang.org/x/image v0.27.0 // indirect
@@ -216,14 +213,14 @@ require (
 	google.golang.org/protobuf v1.36.5 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	modernc.org/libc v1.62.1 // indirect
+	modernc.org/libc v1.65.7 // indirect
 	modernc.org/mathutil v1.7.1 // indirect
-	modernc.org/memory v1.9.1 // indirect
-	modernc.org/sqlite v1.37.0 // indirect
+	modernc.org/memory v1.11.0 // indirect
+	modernc.org/sqlite v1.37.1 // indirect
 )
 
-replace github.com/Edgio/edgio-api v0.0.0-workspace => ./internal/pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace
+replace github.com/Edgio/edgio-api v0.0.0-workspace => ./pkg/sdk3rd/edgio/edgio-api@v0.0.0-workspace
 
-replace gitlab.ecloud.com/ecloud/ecloudsdkcore v1.0.0 => ./internal/pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0
+replace gitlab.ecloud.com/ecloud/ecloudsdkcore v1.0.0 => ./pkg/sdk3rd/cmcc/ecloudsdkcore@v1.0.0
 
-replace gitlab.ecloud.com/ecloud/ecloudsdkclouddns v1.0.1 => ./internal/pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1
+replace gitlab.ecloud.com/ecloud/ecloudsdkclouddns v1.0.1 => ./pkg/sdk3rd/cmcc/ecloudsdkclouddns@v1.0.1

go.sum

@@ -36,8 +36,8 @@ filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4
 github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU=
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U=
 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.9.0 h1:OVoM452qUFBrX+URdH3VpR299ma4kfom0yB0URYky9g=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.9.0/go.mod h1:kUjrAo8bgEwLeZ/CmHqNl3Z/kPm7y6FKfxxK0izYUg4=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.0 h1:j8BorDEigD8UFOSZQiSqAMOOleyQOOQPnUAwV+Ls1gA=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.0/go.mod h1:JdM5psgjfBf5fo2uWOZhflPWyDBZ/O/CNAH9CtsuZE4=
 github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2 h1:yz1bePFlP5Vws5+8ez6T3HWXPmwOK7Yvq8QxDBD3SKY=
 github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2/go.mod h1:Pa9ZNPuoNu/GztvBSKk9J1cDJW6vk/n0zLtV4mgd8N8=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4=
@@ -101,8 +101,8 @@ github.com/alibabacloud-go/cas-20200407/v3 v3.0.4 h1:ngRlctbt135zoujwX0lXSv9m4h1
 github.com/alibabacloud-go/cas-20200407/v3 v3.0.4/go.mod h1:6n9MZ9SH3HlSzfe2oKwjOqhJx3dxvW2gMDO+lq8t9U4=
 github.com/alibabacloud-go/cdn-20180510/v5 v5.2.2 h1:+KJOPukTM+xMyiLOW5qBwYKG2df3Ar7coRsqc1juKO8=
 github.com/alibabacloud-go/cdn-20180510/v5 v5.2.2/go.mod h1:GnPiPL3HlzCi8SGiLiVgKrAFkP1vTtcF4yGtjsl4wfo=
-github.com/alibabacloud-go/cloudapi-20160714/v5 v5.7.3 h1:OTLn0ShbE0jJj+5Z+P76zeHsZYxZjO7YVThQoeaBM9M=
-github.com/alibabacloud-go/cloudapi-20160714/v5 v5.7.3/go.mod h1:eUmD1G4BjEBOAHIeJrHJL7pyLGgXSRTPLjBmYY7uPEg=
+github.com/alibabacloud-go/cloudapi-20160714/v5 v5.7.4 h1:SsyAoXM1R4J3I4xQdPW/rRW8cTo2KN440/4h/pGiwRQ=
+github.com/alibabacloud-go/cloudapi-20160714/v5 v5.7.4/go.mod h1:eUmD1G4BjEBOAHIeJrHJL7pyLGgXSRTPLjBmYY7uPEg=
 github.com/alibabacloud-go/darabonba-array v0.1.0 h1:vR8s7b1fWAQIjEjWnuF0JiKsCvclSRTfDzZHTYqfufY=
 github.com/alibabacloud-go/darabonba-array v0.1.0/go.mod h1:BLKxr0brnggqOJPqT09DFJ8g3fsDshapUD3C3aOEFaI=
 github.com/alibabacloud-go/darabonba-encode-util v0.0.2 h1:1uJGrbsGEVqWcWxrS9MyC2NG0Ax+GpOM5gtupki31XE=
@@ -112,6 +112,7 @@ github.com/alibabacloud-go/darabonba-map v0.0.2/go.mod h1:28AJaX8FOE/ym8OUFWga+M
 github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.0/go.mod h1:5JHVmnHvGzR2wNdgaW1zDLQG8kOC4Uec8ubkMogW7OQ=
 github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.2/go.mod h1:5JHVmnHvGzR2wNdgaW1zDLQG8kOC4Uec8ubkMogW7OQ=
 github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.5/go.mod h1:kUe8JqFmoVU7lfBauaDD5taFaW7mBI+xVsyHutYtabg=
+github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.9/go.mod h1:bb+Io8Sn2RuM3/Rpme6ll86jMyFSrD1bxeV/+v61KeU=
 github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.10/go.mod h1:26a14FGhZVELuz2cc2AolvW4RHmIO3/HRwsdHhaIPDE=
 github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.11/go.mod h1:wHxkgZT1ClZdcwEVP/pDgYK/9HucsnCfMipmJgCz4xY=
 github.com/alibabacloud-go/darabonba-openapi/v2 v2.1.7 h1:ASXSBga98QrGMxbIThCD6jAti09gedLfvry6yJtsoBE=
@@ -131,12 +132,14 @@ github.com/alibabacloud-go/debug v1.0.1/go.mod h1:8gfgZCCAC3+SCzjWtY053FrOcd4/ql
 github.com/alibabacloud-go/endpoint-util v1.1.0/go.mod h1:O5FuCALmCKs2Ff7JFJMudHs0I5EBgecXXxZRyswlEjE=
 github.com/alibabacloud-go/endpoint-util v1.1.1 h1:ZkBv2/jnghxtU0p+upSU0GGzW1VL9GQdZO3mcSUTUy8=
 github.com/alibabacloud-go/endpoint-util v1.1.1/go.mod h1:O5FuCALmCKs2Ff7JFJMudHs0I5EBgecXXxZRyswlEjE=
-github.com/alibabacloud-go/esa-20240910/v2 v2.32.0 h1:eudSgNIkCg6huIu3HuF16BJG6+CA6bIuIddxpuPydpg=
-github.com/alibabacloud-go/esa-20240910/v2 v2.32.0/go.mod h1:HZS5PmYJvcmH4vrJYuCvK3AnYzD9hLlO8CT0hgRyDXo=
+github.com/alibabacloud-go/esa-20240910/v2 v2.33.0 h1:10IWxrMcF1W6/7BUJIJifrofduSG0wRFqDbRfIsR3Zw=
+github.com/alibabacloud-go/esa-20240910/v2 v2.33.0/go.mod h1:HZS5PmYJvcmH4vrJYuCvK3AnYzD9hLlO8CT0hgRyDXo=
 github.com/alibabacloud-go/fc-20230330/v4 v4.3.5 h1:nDNjVzGwkQPbQnAuxAmxvS9x8QGLph8j0ptEdZDPGBA=
 github.com/alibabacloud-go/fc-20230330/v4 v4.3.5/go.mod h1:vEJimQ6E/e+m2z0/oXdeQWlFw/Pi/Ar6NKcMrSvcILE=
 github.com/alibabacloud-go/fc-open-20210406/v2 v2.0.12 h1:A3D8Mp6qf8DfR6Dt5MpS8aDVaWfS4N85T5CvGUvgrjM=
 github.com/alibabacloud-go/fc-open-20210406/v2 v2.0.12/go.mod h1:F5c0E5UB3k8v6neTtw3FBcJ1YCNFzVoL1JPRHTe33u4=
+github.com/alibabacloud-go/ga-20191120/v3 v3.1.8 h1:5GF0PXijDhxRQ3gTg9Ee/CVPtglkxuVdz4yIQgYLPgw=
+github.com/alibabacloud-go/ga-20191120/v3 v3.1.8/go.mod h1:RVpR9VL4YECKoZCQijTYfPk8k52O61v6hSRekjxF0kw=
 github.com/alibabacloud-go/live-20161101 v1.1.1 h1:rUGfA8RHmCMtQ5M3yMSyRde+yRXWqVecmiXBU3XrGJ8=
 github.com/alibabacloud-go/live-20161101 v1.1.1/go.mod h1:g84w6qeAodT0/IHdc0tEed2a8PyhQhYl7TAj3jGl4A4=
 github.com/alibabacloud-go/nlb-20220430/v2 v2.0.3 h1:LtyUVlgBEKyzWgQJurzXM6MXCt84sQr9cE5OKqYymko=
@@ -187,8 +190,8 @@ github.com/alibabacloud-go/tea-xml v1.1.3 h1:7LYnm+JbOq2B+T/B0fHC4Ies4/FofC4zHzY
 github.com/alibabacloud-go/tea-xml v1.1.3/go.mod h1:Rq08vgCcCAjHyRi/M7xlHKUykZCEtyBy9+DPF6GgEu8=
 github.com/alibabacloud-go/vod-20170321/v4 v4.8.4 h1:MYP2xfrcud8vlWljQ4lhemNgAgi9/AUAa450n8TUXZo=
 github.com/alibabacloud-go/vod-20170321/v4 v4.8.4/go.mod h1:5ocQ6hIc9tpGixD2iy099aOGwIgpzjT2le4Krd4aLn8=
-github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.2 h1:CmhJzCZ5RiSiWU6BV2XJUtIMD2LDo9FFfqlYGtx1aAw=
-github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.2/go.mod h1:9itYSTzipL3NlvhvNYfTjFaapoZzG68nlu/KUdh9SpA=
+github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.3 h1:25tmcJxIitrk55crBGssPlqRzmFcpGVW5TEFxdUvfg0=
+github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.3/go.mod h1:9itYSTzipL3NlvhvNYfTjFaapoZzG68nlu/KUdh9SpA=
 github.com/aliyun/alibaba-cloud-sdk-go v1.63.100 h1:yUkCbrSM1cWtgBfRVKMQtdt22KhDvKY7g4V+92eG9wA=
 github.com/aliyun/alibaba-cloud-sdk-go v1.63.100/go.mod h1:SOSDHfe1kX91v3W5QiBsWSLqeLxImobbMX1mxrFHsVQ=
 github.com/aliyun/aliyun-oss-go-sdk v3.0.2+incompatible h1:8psS8a+wKfiLt1iVDX79F7Y6wUM49Lcha2FMXt4UM8g=
@@ -232,6 +235,8 @@ github.com/aws/aws-sdk-go-v2/service/acm v1.32.0/go.mod h1:3sKYAgRbuBa2QMYGh/WEc
 github.com/aws/aws-sdk-go-v2/service/cloudfront v1.46.1 h1:6xZNYtuVwzBs8k+TmraERt0vL68Ppg9aUi+aTQmPaVM=
 github.com/aws/aws-sdk-go-v2/service/cloudfront v1.46.1/go.mod h1:FIBJ48TS+qJb+Ne4qJ+0NeIhtPTVXItXooTeNeVI4Po=
 github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.8.1/go.mod h1:CM+19rL1+4dFWnOQKwDc7H1KwXTz+h61oUSHyhV0b3o=
+github.com/aws/aws-sdk-go-v2/service/iam v1.42.0 h1:G6+UzGvubaet9QOh0664E9JeT+b6Zvop3AChozRqkrA=
+github.com/aws/aws-sdk-go-v2/service/iam v1.42.0/go.mod h1:mPJkGQzeCoPs82ElNILor2JzZgYENr4UaSKUT8K27+c=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 h1:eAh2A4b5IzM/lum78bZ590jy36+d/aFLgKF/4Vd1xPE=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3/go.mod h1:0yKJC/kb8sAnmlYa6Zs3QVYqaC8ug2AbnNChv5Ox3uA=
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 h1:dM9/92u2F1JbDaGooxTq18wmmFzbJRfXfVfy96/1CXM=
@@ -247,8 +252,8 @@ github.com/aws/aws-sdk-go-v2/service/sts v1.33.17/go.mod h1:cQnB8CUnxbMU82JvlqjK
 github.com/aws/smithy-go v1.8.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E=
 github.com/aws/smithy-go v1.22.2 h1:6D9hW43xKFrRx/tXXfAlIZc4JI+yQe6snnWcQyxSyLQ=
 github.com/aws/smithy-go v1.22.2/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
-github.com/baidubce/bce-sdk-go v0.9.226 h1:VKEKcJC9P33yIfYJZr12Q/4Bvj18RFbgO8w8XOfU8AI=
-github.com/baidubce/bce-sdk-go v0.9.226/go.mod h1:zbYJMQwE4IZuyrJiFO8tO8NbtYiKTFTbwh4eIsqjVdg=
+github.com/baidubce/bce-sdk-go v0.9.228 h1:XEY3/oAxXcsi7+3atib9fMI6YNE9sL5qo+WMZ+iqmNE=
+github.com/baidubce/bce-sdk-go v0.9.228/go.mod h1:zbYJMQwE4IZuyrJiFO8tO8NbtYiKTFTbwh4eIsqjVdg=
 github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
@@ -360,8 +365,8 @@ github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2
 github.com/go-kit/kit v0.12.0/go.mod h1:lHd+EkCZPIwYItmGDDRdhinkzX2A1sj+M9biaEaizzs=
 github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
 github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0=
-github.com/go-lark/lark v1.15.1 h1:fo6PQKBJht/71N9Zn3/xjknOYx0TmdVuP+VP8NrUCsI=
-github.com/go-lark/lark v1.15.1/go.mod h1:6ltbSztPZRT6IaO9ZIQyVaY5pVp/KeMizDYtfZkU+vM=
+github.com/go-lark/lark v1.16.0 h1:U6BwkLM9wrZedSM7cIiMofganr8PCvJN+M75w2lf2Gg=
+github.com/go-lark/lark v1.16.0/go.mod h1:6ltbSztPZRT6IaO9ZIQyVaY5pVp/KeMizDYtfZkU+vM=
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
 github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
@@ -400,8 +405,6 @@ github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8Wd
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
 github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
-github.com/go-telegram-bot-api/telegram-bot-api v4.6.4+incompatible h1:2cauKuaELYAEARXRkq2LrJ0yDDv1rW7+wrTEdVL3uaU=
-github.com/go-telegram-bot-api/telegram-bot-api v4.6.4+incompatible/go.mod h1:qf9acutJ8cwBUhm1bqgz6Bei9/C/c93FPDljKWwsOgM=
 github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM=
 github.com/go-test/deep v1.0.8/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
 github.com/go-viper/mapstructure/v2 v2.2.1 h1:ZAaOCxANMuZx5RCeg0mBdEZk7DZasvvZIxtHqx8aGss=
@@ -544,8 +547,8 @@ github.com/hashicorp/mdns v1.0.1/go.mod h1:4gW7WsVCke5TE7EPeYliwHlRUyBtfCwuFwuMg
 github.com/hashicorp/memberlist v0.2.2/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE=
 github.com/hashicorp/serf v0.9.5/go.mod h1:UWDWwZeL5cuWDJdl0C6wrvrUwEqtQ4ZKBKKENpqIUyk=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
-github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.148 h1:PdWSbniKnPhKe1B19KUHW/9ahYbFH2EY6Iq6sxOnomo=
-github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.148/go.mod h1:Y/+YLCFCJtS29i2MbYPTUlNNfwXvkzEsZKR0imY/2aY=
+github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.150 h1:Ih+z79Ko1ClH4dlv7O1lyHRiVCjkb2NZYYk+1cSZbU8=
+github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.150/go.mod h1:Y/+YLCFCJtS29i2MbYPTUlNNfwXvkzEsZKR0imY/2aY=
 github.com/hudl/fargo v1.4.0/go.mod h1:9Ai6uvFy5fQNq6VPKtg+Ceq1+eTY4nKUlR2JElEOcDo=
 github.com/iancoleman/strcase v0.3.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
@@ -569,8 +572,6 @@ github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGw
 github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
 github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
 github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
-github.com/jordan-wright/email v4.0.1-0.20210109023952-943e75fe5223+incompatible h1:jdpOPRN1zP63Td1hDQbZW73xKmzDvZHzVdNYxhnTMDA=
-github.com/jordan-wright/email v4.0.1-0.20210109023952-943e75fe5223+incompatible/go.mod h1:1c7szIrayyPPB/987hsnvNzLushdWf4o/79s3P08L8A=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
@@ -679,8 +680,6 @@ github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OS
 github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
 github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
-github.com/nikoksr/notify v1.3.0 h1:UxzfxzAYGQD9a5JYLBTVx0lFMxeHCke3rPCkfWdPgLs=
-github.com/nikoksr/notify v1.3.0/go.mod h1:Xor2hMmkvrCfkCKvXGbcrESez4brac2zQjhd6U2BbeM=
 github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3 h1:ouZ2JWDl8IW5k1qugYbmpbmW8hn85Ig6buSMBRlz3KI=
 github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3/go.mod h1:ZwadWt7mVhMHMbAQ1w8IhDqtWO3eWqWq72W7trnaiE8=
 github.com/nrdcg/desec v0.10.0 h1:qrEDiqnsvNU9QE7lXIXi/tIHAfyaFXKxF2/8/52O8uM=
@@ -740,8 +739,8 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pocketbase/dbx v1.11.0 h1:LpZezioMfT3K4tLrqA55wWFw1EtH1pM4tzSVa7kgszU=
 github.com/pocketbase/dbx v1.11.0/go.mod h1:xXRCIAKTHMgUCyCKZm55pUOdvFziJjQfXaWKhu2vhMs=
-github.com/pocketbase/pocketbase v0.28.0 h1:dnMHSO0wuYpKs6oP3X5buw1lY9ptd8zy1fTjN+Ae+mA=
-github.com/pocketbase/pocketbase v0.28.0/go.mod h1:WE6xMM4+pxKIVNl4B1mcOEZXlDvPGl7cZ64TW2iXHdI=
+github.com/pocketbase/pocketbase v0.28.2 h1:b6cfUfr5d4whvUFGFhI8oHRzx/eB76GCUQGftqgv9lM=
+github.com/pocketbase/pocketbase v0.28.2/go.mod h1:ElwIYS1b5xS9w0U7AK7tsm6FuC0lzw57H8p/118Cu7g=
 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
 github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s=
 github.com/povsister/scp v0.0.0-20250504051308-e467f71ea63c h1:1+j5JHz9mUzYSp0scuF6hzvJP28EDBFe5eBJb0xnGk4=
@@ -774,8 +773,8 @@ github.com/qiniu/x v1.10.5 h1:7V/CYWEmo9axJULvrJN6sMYh2FdY+esN5h8jwDkA4b0=
 github.com/qiniu/x v1.10.5/go.mod h1:03Ni9tj+N2h2aKnAz+6N0Xfl8FwMEDRC2PAlxekASDs=
 github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
 github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
-github.com/redis/go-redis/v9 v9.7.3 h1:YpPyAayJV+XErNsatSElgRZZVCwXX9QzkKYNvO7x0wM=
-github.com/redis/go-redis/v9 v9.7.3/go.mod h1:bGUrSggJ9X9GUmZpZNEOQKaANxSGgOEBRltRTZHSvrA=
+github.com/redis/go-redis/v9 v9.8.0 h1:q3nRvjrlge/6UD7eTu/DSg2uYiU2mCL0G/uzBWqhicI=
+github.com/redis/go-redis/v9 v9.8.0/go.mod h1:huWgSWd8mW6+m0VPhJjSSQ+d6Nh1VICQ6Q5lHuCH/Iw=
 github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
 github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
@@ -830,35 +829,37 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/technoweenie/multipartstreamer v1.0.1 h1:XRztA5MXiR1TIRHxH2uNxXxaIkKQDeX7m2XsSOlQEnM=
-github.com/technoweenie/multipartstreamer v1.0.1/go.mod h1:jNVxdtShOxzAsukZwTSw6MDx5eUJoiEBsSvzDU9uzog=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.1155 h1:ildxJtjnqiKZxWDVKHT/ncIknGDijtg60MuFELON8bY=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.1155/go.mod h1:iLASpooTdyXtx642E5Ws7cfWENsp4/uZ/78TFoln7OI=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1161 h1:yGFg9/6j3NP10r9PfSWHfekuq4SwPyqblWnfISfKANo=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1161/go.mod h1:9MzQSEULYm5wHAKz8R3oQ8ovg4vWeLFzn0DmRWTc6zg=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1120/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1124/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1166 h1:cEoDsBt7vGh7YtfVHVmgXKQURZANBE8UKK/So84QUdU=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.1166/go.mod h1:0o5Cfgdh+bAx7kpQ5a5wce/ZUiDvy4Md8NcbrLtk6i8=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1128/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1150/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1155/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1160/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1161/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1162 h1:bscCBygP9JRl6iNabF+vmBOhY+xayFFGYV5Wa0NzH0A=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1162/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1163/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1164/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1166/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1169/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1170/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1172/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1173 h1:W5bzEWiJwiwRZR0/P1l78OYWUXYsXLjhBaQ64c+9+fk=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1173/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1128 h1:mrJ5Fbkd7sZIJ5F6oRfh5zebPQaudPH9Y0+GUmFytYU=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1128/go.mod h1:zbsYIBT+VTX4z4ocjTAdLBIWyNYj3z0BRqd0iPdnjsk=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.1163 h1:putqrH5n1SVRqFWHOylVqYI5yLQUjRTkHqZPLT2yeVY=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/gaap v1.0.1163/go.mod h1:aEWRXlAvovPUUoS3kVB/LVWEQ19WqzTj2lXGvR1YArY=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live v1.0.1150 h1:RQQYfZOFYlkxKR2+xp8el3+8xs9DhxBy+ajlHtapqtQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/live v1.0.1150/go.mod h1:zpfr6EBWy7ClASTGUgIy01Gn4R79UXf+2QGQeyR124A=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf v1.0.1120 h1:z0t0lb5h1mZirXftO8MRg25COYZHx0ubQjSPhZT/LY0=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf v1.0.1120/go.mod h1:IFZL44Keyl+MHrhpFwUaQmJvMDwGr+t+cUfFAC+74lU=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.1124 h1:LQKAlxFb0sYiE8ojK5h9+seuFzogoJtYnXmiRF+4F4Q=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.1124/go.mod h1:tYbK0FbHVG+78od7eZpzczE8qk0JWKO/osTQWuiJ3Fo=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1162 h1:z/JF+JGi6bGf8vnK9ZeVXz+1Q3ih8nF6KjThxhtIrNc=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1162/go.mod h1:rsO8JCP+WQeLQ32wAB4oRRjsEz0O+kvCGDqc7Ze1jc4=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.1160 h1:aNVEDS1yQ7sLfXOOQ/bF3eljFjyvHoJ/J8qSC9mC9gw=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.1160/go.mod h1:kf6NQmKK6sh1ACwh8iliBy7I/burd+AWusNz6zbDvLM=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.1162 h1:gnmuUaoFAShc9FKj3Omswu3n08bHM/sGsl8xjFAkFNs=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.1162/go.mod h1:bu3KAFeoJ1xDGQp72h9Le3FqbOcCcdomOUig3OqgcE4=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf v1.0.1172 h1:6SUO0hTie3zxnUEMxmhnS1iRIXpAukSZV27Nrx4NwIk=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/scf v1.0.1172/go.mod h1:tmN4zfu70SD0iee3qfpc09NRLel30zGoAuzIs4X0Kfs=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.1169 h1:oBymtJEmKDnS2NIR0PDLd+xCGQ+7uMoEt7zEB5Q3x8U=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.1169/go.mod h1:K27PNEgRJ602ESXUNnlRnCkf1+XYHI6RVP/ylIe/Aro=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1166 h1:+kIsoG2If/0y15PpZsXfT0QqTuwec9nMgo1JP8KQMkw=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/teo v1.0.1166/go.mod h1:lGmBMXqe3vBg6Bi9h4mVpWLKd7jQIMRbndr8KNHBqSw=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.1164 h1:caaIGWOs/JtWOK5ptVMEiiGgzU7Jf6UpMv+9IbIa4vs=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vod v1.0.1164/go.mod h1:SJI2mc77gDC7Tw1QoF/4d5SwLvz8HQFUecWtIXb+r/Q=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.1170 h1:kcQCWuI9zOkZgL5CK66HNAJmSWCSJxRrDxXT+j02CeE=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.1170/go.mod h1:vTukVfThbBIc4lOf4eq/q51eEk78oZUJd2lAoJBOJwI=
 github.com/tjfoc/gmsm v1.3.2/go.mod h1:HaUcFuY0auTiaHB9MHFGCPx5IaLhTUd2atbCFBQXn9w=
 github.com/tjfoc/gmsm v1.4.1 h1:aMe1GlZb+0bLjn+cKTPEvvn9oUEBlJitaZiiBwsbgho=
 github.com/tjfoc/gmsm v1.4.1/go.mod h1:j4INPkHWMrhJb38G+J6W4Tw0AbuN8Thu3PbdVYhVcTE=
@@ -867,18 +868,18 @@ github.com/uber/jaeger-client-go v2.30.0+incompatible h1:D6wyKGCecFaSRUpo8lCVbaO
 github.com/uber/jaeger-client-go v2.30.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
 github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg=
 github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
-github.com/ucloud/ucloud-sdk-go v0.22.35 h1:Q4CY3Ae5813jmNUrGdCjc8tlyleL5Lyl0APnpK5L4sk=
-github.com/ucloud/ucloud-sdk-go v0.22.35/go.mod h1:dyLmFHmUfgb4RZKYQP9IArlvQ2pxzFthfhwxRzOEPIw=
+github.com/ucloud/ucloud-sdk-go v0.22.41 h1:JndTJhCx7A1wggZfVb4KMm7D0Wfvd/HkmQVfSNjClQA=
+github.com/ucloud/ucloud-sdk-go v0.22.41/go.mod h1:dyLmFHmUfgb4RZKYQP9IArlvQ2pxzFthfhwxRzOEPIw=
 github.com/ulikunitz/xz v0.5.11 h1:kpFauv27b6ynzBNT/Xy+1k+fK4WswhN/6PN5WhFAGw8=
 github.com/ulikunitz/xz v0.5.11/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
 github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
 github.com/volcengine/ve-tos-golang-sdk/v2 v2.7.12 h1:u9+32DXQIOFPG8oQ3xrjSAUSyAcaq5bqO4cEBom/6lA=
 github.com/volcengine/ve-tos-golang-sdk/v2 v2.7.12/go.mod h1:IrjK84IJJTuOZOTMv/P18Ydjy/x+ow7fF7q11jAxXLM=
 github.com/volcengine/volc-sdk-golang v1.0.23/go.mod h1:AfG/PZRUkHJ9inETvbjNifTDgut25Wbkm2QoYBTbvyU=
-github.com/volcengine/volc-sdk-golang v1.0.207 h1:1OJ/nC92dF1URRoyO1AHSghCob12NT1PAA/GoK8uU18=
-github.com/volcengine/volc-sdk-golang v1.0.207/go.mod h1:stZX+EPgv1vF4nZwOlEe8iGcriUPRBKX8zA19gXycOQ=
-github.com/volcengine/volcengine-go-sdk v1.1.7 h1:5ElF1inqX1QUKX8/XGk+HGpG+F01W+m73cLQH+0x50s=
-github.com/volcengine/volcengine-go-sdk v1.1.7/go.mod h1:EyKoi6t6eZxoPNGr2GdFCZti2Skd7MO3eUzx7TtSvNo=
+github.com/volcengine/volc-sdk-golang v1.0.208 h1:DyGUPjEKhWS08BkptfqenXTuUq+LKb7+gX/RBAtNl8w=
+github.com/volcengine/volc-sdk-golang v1.0.208/go.mod h1:stZX+EPgv1vF4nZwOlEe8iGcriUPRBKX8zA19gXycOQ=
+github.com/volcengine/volcengine-go-sdk v1.1.8 h1:/T2p7qeeLWWhGrhtB00b8VNlE32S266LcO+jqFUYwzY=
+github.com/volcengine/volcengine-go-sdk v1.1.8/go.mod h1:EyKoi6t6eZxoPNGr2GdFCZti2Skd7MO3eUzx7TtSvNo=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
@@ -1399,39 +1400,39 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.33.0 h1:yTgZVn1XEe6opVpP1FylmNrIFWuDqe2H0V8CT5gxfIU=
-k8s.io/api v0.33.0/go.mod h1:CTO61ECK/KU7haa3qq8sarQ0biLq2ju405IZAd9zsiM=
-k8s.io/apimachinery v0.33.0 h1:1a6kHrJxb2hs4t8EE5wuR/WxKDwGN1FKH3JvDtA0CIQ=
-k8s.io/apimachinery v0.33.0/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM=
-k8s.io/client-go v0.33.0 h1:UASR0sAYVUzs2kYuKn/ZakZlcs2bEHaizrrHUZg0G98=
-k8s.io/client-go v0.33.0/go.mod h1:kGkd+l/gNGg8GYWAPr0xF1rRKvVWvzh9vmZAMXtaKOg=
+k8s.io/api v0.33.1 h1:tA6Cf3bHnLIrUK4IqEgb2v++/GYUtqiu9sRVk3iBXyw=
+k8s.io/api v0.33.1/go.mod h1:87esjTn9DRSRTD4fWMXamiXxJhpOIREjWOSjsW1kEHw=
+k8s.io/apimachinery v0.33.1 h1:mzqXWV8tW9Rw4VeW9rEkqvnxj59k1ezDUl20tFK/oM4=
+k8s.io/apimachinery v0.33.1/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM=
+k8s.io/client-go v0.33.1 h1:ZZV/Ks2g92cyxWkRRnfUDsnhNn28eFpt26aGc8KbXF4=
+k8s.io/client-go v0.33.1/go.mod h1:JAsUrl1ArO7uRVFWfcj6kOomSlCv+JpvIsp6usAGefA=
 k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
 k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
 k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff h1:/usPimJzUKKu+m+TE36gUyGcf03XZEP0ZIKgKj35LS4=
 k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff/go.mod h1:5jIi+8yX4RIb8wk3XwBo5Pq2ccx4FP10ohkbSKCZoK8=
 k8s.io/utils v0.0.0-20241210054802-24370beab758 h1:sdbE21q2nlQtFh65saZY+rRM6x6aJJI8IUa1AmH/qa0=
 k8s.io/utils v0.0.0-20241210054802-24370beab758/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-modernc.org/cc/v4 v4.25.2 h1:T2oH7sZdGvTaie0BRNFbIYsabzCxUQg8nLqCdQ2i0ic=
-modernc.org/cc/v4 v4.25.2/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
-modernc.org/ccgo/v4 v4.25.1 h1:TFSzPrAGmDsdnhT9X2UrcPMI3N/mJ9/X9ykKXwLhDsU=
-modernc.org/ccgo/v4 v4.25.1/go.mod h1:njjuAYiPflywOOrm3B7kCB444ONP5pAVr8PIEoE0uDw=
+modernc.org/cc/v4 v4.26.1 h1:+X5NtzVBn0KgsBCBe+xkDC7twLb/jNVj9FPgiwSQO3s=
+modernc.org/cc/v4 v4.26.1/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
+modernc.org/ccgo/v4 v4.28.0 h1:rjznn6WWehKq7dG4JtLRKxb52Ecv8OUGah8+Z/SfpNU=
+modernc.org/ccgo/v4 v4.28.0/go.mod h1:JygV3+9AV6SmPhDasu4JgquwU81XAKLd3OKTUDNOiKE=
 modernc.org/fileutil v1.0.0/go.mod h1:JHsWpkrk/CnVV1H/eGlFf85BEpfkrp56ro8nojIq9Q8=
-modernc.org/fileutil v1.3.0 h1:gQ5SIzK3H9kdfai/5x41oQiKValumqNTDXMvKo62HvE=
-modernc.org/fileutil v1.3.0/go.mod h1:XatxS8fZi3pS8/hKG2GH/ArUogfxjpEKs3Ku3aK4JyQ=
+modernc.org/fileutil v1.3.1 h1:8vq5fe7jdtEvoCf3Zf9Nm0Q05sH6kGx0Op2CPx1wTC8=
+modernc.org/fileutil v1.3.1/go.mod h1:HxmghZSZVAz/LXcMNwZPA/DRrQZEVP9VX0V4LQGQFOc=
 modernc.org/gc/v2 v2.6.5 h1:nyqdV8q46KvTpZlsw66kWqwXRHdjIlJOhG6kxiV/9xI=
 modernc.org/gc/v2 v2.6.5/go.mod h1:YgIahr1ypgfe7chRuJi2gD7DBQiKSLMPgBQe9oIiito=
-modernc.org/libc v1.62.1 h1:s0+fv5E3FymN8eJVmnk0llBe6rOxCu/DEU+XygRbS8s=
-modernc.org/libc v1.62.1/go.mod h1:iXhATfJQLjG3NWy56a6WVU73lWOcdYVxsvwCgoPljuo=
+modernc.org/libc v1.65.7 h1:Ia9Z4yzZtWNtUIuiPuQ7Qf7kxYrxP1/jeHZzG8bFu00=
+modernc.org/libc v1.65.7/go.mod h1:011EQibzzio/VX3ygj1qGFt5kMjP0lHb0qCW5/D/pQU=
 modernc.org/mathutil v1.7.1 h1:GCZVGXdaN8gTqB1Mf/usp1Y/hSqgI2vAGGP4jZMCxOU=
 modernc.org/mathutil v1.7.1/go.mod h1:4p5IwJITfppl0G4sUEDtCr4DthTaT47/N3aT6MhfgJg=
-modernc.org/memory v1.9.1 h1:V/Z1solwAVmMW1yttq3nDdZPJqV1rM05Ccq6KMSZ34g=
-modernc.org/memory v1.9.1/go.mod h1:/JP4VbVC+K5sU2wZi9bHoq2MAkCnrt2r98UGeSK7Mjw=
+modernc.org/memory v1.11.0 h1:o4QC8aMQzmcwCK3t3Ux/ZHmwFPzE6hf2Y5LbkRs+hbI=
+modernc.org/memory v1.11.0/go.mod h1:/JP4VbVC+K5sU2wZi9bHoq2MAkCnrt2r98UGeSK7Mjw=
 modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8=
 modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns=
 modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w=
 modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE=
-modernc.org/sqlite v1.37.0 h1:s1TMe7T3Q3ovQiK2Ouz4Jwh7dw4ZDqbebSDTlSJdfjI=
-modernc.org/sqlite v1.37.0/go.mod h1:5YiWv+YviqGMuGw4V+PNplcyaJ5v+vQd7TQOgkACoJM=
+modernc.org/sqlite v1.37.1 h1:EgHJK/FPoqC+q2YBXg7fUmES37pCHFc97sI7zSayBEs=
+modernc.org/sqlite v1.37.1/go.mod h1:XwdRtsE1MpiBcL54+MbKcaDvcuej+IYSMfLN6gSKV8g=
 modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0=
 modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A=
 modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=

internal/applicant/acme_ca.go

@@ -1,27 +1,28 @@
 package applicant
 
-import "github.com/usual2970/certimate/internal/domain"
+import "github.com/certimate-go/certimate/internal/domain"
 
 const (
-	sslProviderLetsEncrypt         = string(domain.CAProviderTypeLetsEncrypt)
-	sslProviderLetsEncryptStaging  = string(domain.CAProviderTypeLetsEncryptStaging)
-	sslProviderBuypass             = string(domain.CAProviderTypeBuypass)
-	sslProviderGoogleTrustServices = string(domain.CAProviderTypeGoogleTrustServices)
-	sslProviderSSLCom              = string(domain.CAProviderTypeSSLCom)
-	sslProviderZeroSSL             = string(domain.CAProviderTypeZeroSSL)
+	caLetsEncrypt         = string(domain.CAProviderTypeLetsEncrypt)
+	caLetsEncryptStaging  = string(domain.CAProviderTypeLetsEncryptStaging)
+	caBuypass             = string(domain.CAProviderTypeBuypass)
+	caGoogleTrustServices = string(domain.CAProviderTypeGoogleTrustServices)
+	caSSLCom              = string(domain.CAProviderTypeSSLCom)
+	caZeroSSL             = string(domain.CAProviderTypeZeroSSL)
+	caCustom              = string(domain.CAProviderTypeACMECA)
 
-	sslProviderDefault = sslProviderLetsEncrypt
+	caDefault = caLetsEncrypt
 )
 
-var sslProviderUrls = map[string]string{
-	sslProviderLetsEncrypt:         "https://acme-v02.api.letsencrypt.org/directory",
-	sslProviderLetsEncryptStaging:  "https://acme-staging-v02.api.letsencrypt.org/directory",
-	sslProviderBuypass:             "https://api.buypass.com/acme/directory",
-	sslProviderGoogleTrustServices: "https://dv.acme-v02.api.pki.goog/directory",
-	sslProviderSSLCom:              "https://acme.ssl.com/sslcom-dv-rsa",
-	sslProviderSSLCom + "RSA":      "https://acme.ssl.com/sslcom-dv-rsa",
-	sslProviderSSLCom + "ECC":      "https://acme.ssl.com/sslcom-dv-ecc",
-	sslProviderZeroSSL:             "https://acme.zerossl.com/v2/DV90",
+var caDirUrls = map[string]string{
+	caLetsEncrypt:         "https://acme-v02.api.letsencrypt.org/directory",
+	caLetsEncryptStaging:  "https://acme-staging-v02.api.letsencrypt.org/directory",
+	caBuypass:             "https://api.buypass.com/acme/directory",
+	caGoogleTrustServices: "https://dv.acme-v02.api.pki.goog/directory",
+	caSSLCom:              "https://acme.ssl.com/sslcom-dv-rsa",
+	caSSLCom + "RSA":      "https://acme.ssl.com/sslcom-dv-rsa",
+	caSSLCom + "ECC":      "https://acme.ssl.com/sslcom-dv-ecc",
+	caZeroSSL:             "https://acme.zerossl.com/v2/DV90",
 }
 
 type acmeSSLProviderConfig struct {

internal/applicant/acme_user.go

@@ -7,41 +7,51 @@ import (
 	"crypto/elliptic"
 	"crypto/rand"
 	"fmt"
+	"strings"
 
 	"github.com/go-acme/lego/v4/lego"
 	"github.com/go-acme/lego/v4/registration"
 	"golang.org/x/sync/singleflight"
 
-	"github.com/usual2970/certimate/internal/domain"
-	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
-	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
-	"github.com/usual2970/certimate/internal/repository"
+	"github.com/certimate-go/certimate/internal/domain"
+	"github.com/certimate-go/certimate/internal/repository"
+	xcert "github.com/certimate-go/certimate/pkg/utils/cert"
+	xmaps "github.com/certimate-go/certimate/pkg/utils/maps"
 )
 
 type acmeUser struct {
-	CA           string
-	Email        string
+	// 证书颁发机构标识。
+	// 通常等同于 [CAProviderType] 的值。
+	// 对于自定义 ACME CA，值为 "custom#{access_id}"。
+	CA string
+	// 邮箱。
+	Email string
+	// 注册信息。
 	Registration *registration.Resource
 
+	// CSR 私钥。
 	privkey string
 }
 
-func newAcmeUser(ca, email string) (*acmeUser, error) {
+func newAcmeUser(ca, caAccessId, email string) (*acmeUser, error) {
 	repo := repository.NewAcmeAccountRepository()
 
 	applyUser := &acmeUser{
 		CA:    ca,
 		Email: email,
 	}
+	if ca == caCustom {
+		applyUser.CA = fmt.Sprintf("%s#%s", ca, caAccessId)
+	}
 
-	acmeAccount, err := repo.GetByCAAndEmail(ca, email)
+	acmeAccount, err := repo.GetByCAAndEmail(applyUser.CA, applyUser.Email)
 	if err != nil {
 		key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 		if err != nil {
 			return nil, err
 		}
 
-		keyPEM, err := certutil.ConvertECPrivateKeyToPEM(key)
+		keyPEM, err := xcert.ConvertECPrivateKeyToPEM(key)
 		if err != nil {
 			return nil, err
 		}
@@ -65,7 +75,7 @@ func (u acmeUser) GetRegistration() *registration.Resource {
 }
 
 func (u *acmeUser) GetPrivateKey() crypto.PrivateKey {
-	rs, _ := certutil.ParseECPrivateKeyFromPEM(u.privkey)
+	rs, _ := xcert.ParseECPrivateKeyFromPEM(u.privkey)
 	return rs
 }
 
@@ -73,6 +83,10 @@ func (u *acmeUser) hasRegistration() bool {
 	return u.Registration != nil
 }
 
+func (u *acmeUser) getCAProvider() string {
+	return strings.Split(u.CA, "#")[0]
+}
+
 func (u *acmeUser) getPrivateKeyPEM() string {
 	return u.privkey
 }
@@ -94,19 +108,19 @@ func registerAcmeUserWithSingleFlight(client *lego.Client, user *acmeUser, userR
 func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions map[string]any) (*registration.Resource, error) {
 	var reg *registration.Resource
 	var err error
-	switch user.CA {
-	case sslProviderLetsEncrypt, sslProviderLetsEncryptStaging:
+	switch user.getCAProvider() {
+	case caLetsEncrypt, caLetsEncryptStaging:
 		reg, err = client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
 
-	case sslProviderBuypass:
+	case caBuypass:
 		{
 			reg, err = client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
 		}
 
-	case sslProviderGoogleTrustServices:
+	case caGoogleTrustServices:
 		{
 			access := domain.AccessConfigForGoogleTrustServices{}
-			if err := maputil.Populate(userRegisterOptions, &access); err != nil {
+			if err := xmaps.Populate(userRegisterOptions, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -117,10 +131,10 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m
 			})
 		}
 
-	case sslProviderSSLCom:
+	case caSSLCom:
 		{
 			access := domain.AccessConfigForSSLCom{}
-			if err := maputil.Populate(userRegisterOptions, &access); err != nil {
+			if err := xmaps.Populate(userRegisterOptions, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -131,10 +145,10 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m
 			})
 		}
 
-	case sslProviderZeroSSL:
+	case caZeroSSL:
 		{
 			access := domain.AccessConfigForZeroSSL{}
-			if err := maputil.Populate(userRegisterOptions, &access); err != nil {
+			if err := xmaps.Populate(userRegisterOptions, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -145,6 +159,26 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m
 			})
 		}
 
+	case caCustom:
+		{
+			access := domain.AccessConfigForACMECA{}
+			if err := xmaps.Populate(userRegisterOptions, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			if access.EabKid == "" && access.EabHmacKey == "" {
+				reg, err = client.Registration.Register(registration.RegisterOptions{
+					TermsOfServiceAgreed: true,
+				})
+			} else {
+				reg, err = client.Registration.RegisterWithExternalAccountBinding(registration.RegisterEABOptions{
+					TermsOfServiceAgreed: true,
+					Kid:                  access.EabKid,
+					HmacEncoded:          access.EabHmacKey,
+				})
+			}
+		}
+
 	default:
 		err = fmt.Errorf("unsupported ca provider '%s'", user.CA)
 	}

internal/applicant/applicant.go

@@ -19,19 +19,21 @@ import (
 	"golang.org/x/exp/slices"
 	"golang.org/x/time/rate"
 
-	"github.com/usual2970/certimate/internal/domain"
-	sliceutil "github.com/usual2970/certimate/internal/pkg/utils/slice"
-	"github.com/usual2970/certimate/internal/repository"
+	"github.com/certimate-go/certimate/internal/domain"
+	"github.com/certimate-go/certimate/internal/repository"
+	xmaps "github.com/certimate-go/certimate/pkg/utils/maps"
+	xslices "github.com/certimate-go/certimate/pkg/utils/slices"
 )
 
 type ApplyResult struct {
-	CertificateFullChain string
+	CSR                  string
+	FullChainCertificate string
 	IssuerCertificate    string
 	PrivateKey           string
 	ACMEAccountUrl       string
 	ACMECertUrl          string
 	ACMECertStableUrl    string
-	CSR                  string
+	ARIReplaced          bool
 }
 
 type Applicant interface {
@@ -51,36 +53,37 @@ func NewWithWorkflowNode(config ApplicantWithWorkflowNodeConfig) (Applicant, err
 		return nil, fmt.Errorf("node type is not '%s'", string(domain.WorkflowNodeTypeApply))
 	}
 
-	nodeConfig := config.Node.GetConfigForApply()
+	nodeCfg := config.Node.GetConfigForApply()
 	options := &applicantProviderOptions{
-		Domains:                  sliceutil.Filter(strings.Split(nodeConfig.Domains, ";"), func(s string) bool { return s != "" }),
-		ContactEmail:             nodeConfig.ContactEmail,
-		Provider:                 domain.ACMEDns01ProviderType(nodeConfig.Provider),
-		ProviderAccessConfig:     make(map[string]any),
-		ProviderExtendedConfig:   nodeConfig.ProviderConfig,
-		CAProvider:               domain.CAProviderType(nodeConfig.CAProvider),
-		CAProviderAccessConfig:   make(map[string]any),
-		CAProviderExtendedConfig: nodeConfig.CAProviderConfig,
-		KeyAlgorithm:             nodeConfig.KeyAlgorithm,
-		Nameservers:              sliceutil.Filter(strings.Split(nodeConfig.Nameservers, ";"), func(s string) bool { return s != "" }),
-		DnsPropagationWait:       nodeConfig.DnsPropagationWait,
-		DnsPropagationTimeout:    nodeConfig.DnsPropagationTimeout,
-		DnsTTL:                   nodeConfig.DnsTTL,
-		DisableFollowCNAME:       nodeConfig.DisableFollowCNAME,
+		Domains:                 xslices.Filter(strings.Split(nodeCfg.Domains, ";"), func(s string) bool { return s != "" }),
+		ContactEmail:            nodeCfg.ContactEmail,
+		Provider:                domain.ACMEDns01ProviderType(nodeCfg.Provider),
+		ProviderAccessConfig:    make(map[string]any),
+		ProviderServiceConfig:   nodeCfg.ProviderConfig,
+		CAProvider:              domain.CAProviderType(nodeCfg.CAProvider),
+		CAProviderAccessConfig:  make(map[string]any),
+		CAProviderServiceConfig: nodeCfg.CAProviderConfig,
+		KeyAlgorithm:            nodeCfg.KeyAlgorithm,
+		Nameservers:             xslices.Filter(strings.Split(nodeCfg.Nameservers, ";"), func(s string) bool { return s != "" }),
+		DnsPropagationWait:      nodeCfg.DnsPropagationWait,
+		DnsPropagationTimeout:   nodeCfg.DnsPropagationTimeout,
+		DnsTTL:                  nodeCfg.DnsTTL,
+		DisableFollowCNAME:      nodeCfg.DisableFollowCNAME,
 	}
 
 	accessRepo := repository.NewAccessRepository()
-	if nodeConfig.ProviderAccessId != "" {
-		if access, err := accessRepo.GetById(context.Background(), nodeConfig.ProviderAccessId); err != nil {
-			return nil, fmt.Errorf("failed to get access #%s record: %w", nodeConfig.ProviderAccessId, err)
+	if nodeCfg.ProviderAccessId != "" {
+		if access, err := accessRepo.GetById(context.Background(), nodeCfg.ProviderAccessId); err != nil {
+			return nil, fmt.Errorf("failed to get access #%s record: %w", nodeCfg.ProviderAccessId, err)
 		} else {
 			options.ProviderAccessConfig = access.Config
 		}
 	}
-	if nodeConfig.CAProviderAccessId != "" {
-		if access, err := accessRepo.GetById(context.Background(), nodeConfig.CAProviderAccessId); err != nil {
-			return nil, fmt.Errorf("failed to get access #%s record: %w", nodeConfig.CAProviderAccessId, err)
+	if nodeCfg.CAProviderAccessId != "" {
+		if access, err := accessRepo.GetById(context.Background(), nodeCfg.CAProviderAccessId); err != nil {
+			return nil, fmt.Errorf("failed to get access #%s record: %w", nodeCfg.CAProviderAccessId, err)
 		} else {
+			options.CAProviderAccessId = access.Id
 			options.CAProviderAccessConfig = access.Config
 		}
 	}
@@ -91,13 +94,13 @@ func NewWithWorkflowNode(config ApplicantWithWorkflowNodeConfig) (Applicant, err
 
 		sslProviderConfig := &acmeSSLProviderConfig{
 			Config:   make(map[domain.CAProviderType]map[string]any),
-			Provider: sslProviderDefault,
+			Provider: caDefault,
 		}
 		if settings != nil {
 			if err := json.Unmarshal([]byte(settings.Content), sslProviderConfig); err != nil {
 				return nil, err
 			} else if sslProviderConfig.Provider == "" {
-				sslProviderConfig.Provider = sslProviderDefault
+				sslProviderConfig.Provider = caDefault
 			}
 		}
 
@@ -107,7 +110,7 @@ func NewWithWorkflowNode(config ApplicantWithWorkflowNodeConfig) (Applicant, err
 
 	certRepo := repository.NewCertificateRepository()
 	lastCertificate, _ := certRepo.GetByWorkflowNodeId(context.Background(), config.Node.Id)
-	if lastCertificate != nil {
+	if lastCertificate != nil && !lastCertificate.ACMERenewed {
 		newCertSan := slices.Clone(options.Domains)
 		oldCertSan := strings.Split(lastCertificate.SubjectAltNames, ";")
 		slices.Sort(newCertSan)
@@ -117,8 +120,8 @@ func NewWithWorkflowNode(config ApplicantWithWorkflowNodeConfig) (Applicant, err
 			lastCertX509, _ := certcrypto.ParsePEMCertificate([]byte(lastCertificate.Certificate))
 			if lastCertX509 != nil {
 				replacedARICertId, _ := certificate.MakeARICertID(lastCertX509)
-				options.ReplacedARIAcct = lastCertificate.ACMEAccountUrl
-				options.ReplacedARICert = replacedARICertId
+				options.ARIReplaceAcct = lastCertificate.ACMEAccountUrl
+				options.ARIReplaceCert = replacedARICertId
 			}
 		}
 	}
@@ -163,7 +166,7 @@ func getLimiter(key string) *rate.Limiter {
 }
 
 func applyUseLego(legoProvider challenge.Provider, options *applicantProviderOptions) (*ApplyResult, error) {
-	user, err := newAcmeUser(string(options.CAProvider), options.ContactEmail)
+	user, err := newAcmeUser(string(options.CAProvider), options.CAProviderAccessId, options.ContactEmail)
 	if err != nil {
 		return nil, err
 	}
@@ -175,13 +178,26 @@ func applyUseLego(legoProvider challenge.Provider, options *applicantProviderOpt
 	// Create an ACME client config
 	config := lego.NewConfig(user)
 	config.Certificate.KeyType = parseLegoKeyAlgorithm(domain.CertificateKeyAlgorithmType(options.KeyAlgorithm))
-	config.CADirURL = sslProviderUrls[user.CA]
-	if user.CA == sslProviderSSLCom {
+	switch user.getCAProvider() {
+	case caSSLCom:
 		if strings.HasPrefix(options.KeyAlgorithm, "RSA") {
-			config.CADirURL = sslProviderUrls[sslProviderSSLCom+"RSA"]
+			config.CADirURL = caDirUrls[caSSLCom+"RSA"]
 		} else if strings.HasPrefix(options.KeyAlgorithm, "EC") {
-			config.CADirURL = sslProviderUrls[sslProviderSSLCom+"ECC"]
+			config.CADirURL = caDirUrls[caSSLCom+"ECC"]
+		} else {
+			config.CADirURL = caDirUrls[caSSLCom]
 		}
+
+	case caCustom:
+		caDirURL := xmaps.GetString(options.CAProviderAccessConfig, "endpoint")
+		if caDirURL != "" {
+			config.CADirURL = caDirURL
+		} else {
+			return nil, fmt.Errorf("invalid ca provider endpoint")
+		}
+
+	default:
+		config.CADirURL = caDirUrls[user.CA]
 	}
 
 	// Create an ACME client
@@ -220,22 +236,24 @@ func applyUseLego(legoProvider challenge.Provider, options *applicantProviderOpt
 		Domains: options.Domains,
 		Bundle:  true,
 	}
-	if options.ReplacedARIAcct == user.Registration.URI {
-		certRequest.ReplacesCertID = options.ReplacedARICert
+	if options.ARIReplaceAcct == user.Registration.URI {
+		certRequest.ReplacesCertID = options.ARIReplaceCert
 	}
+
 	certResource, err := client.Certificate.Obtain(certRequest)
 	if err != nil {
 		return nil, err
 	}
 
 	return &ApplyResult{
-		CertificateFullChain: strings.TrimSpace(string(certResource.Certificate)),
+		CSR:                  strings.TrimSpace(string(certResource.CSR)),
+		FullChainCertificate: strings.TrimSpace(string(certResource.Certificate)),
 		IssuerCertificate:    strings.TrimSpace(string(certResource.IssuerCertificate)),
 		PrivateKey:           strings.TrimSpace(string(certResource.PrivateKey)),
 		ACMEAccountUrl:       user.Registration.URI,
 		ACMECertUrl:          certResource.CertURL,
 		ACMECertStableUrl:    certResource.CertStableURL,
-		CSR:                  strings.TrimSpace(string(certResource.CSR)),
+		ARIReplaced:          certRequest.ReplacesCertID != "",
 	}, nil
 }
 

internal/applicant/providers.go

@@ -5,59 +5,66 @@ import (
 
 	"github.com/go-acme/lego/v4/challenge"
 
-	"github.com/usual2970/certimate/internal/domain"
-	pACMEHttpReq "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/acmehttpreq"
-	pAliyun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun"
-	pAliyunESA "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aliyun-esa"
-	pAWSRoute53 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aws-route53"
-	pAzureDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns"
-	pBaiduCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud"
-	pBunny "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny"
-	pCloudflare "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare"
-	pClouDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns"
-	pCMCCCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud"
-	pDeSEC "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/desec"
-	pDNSLA "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dnsla"
-	pDynv6 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/dynv6"
-	pGcore "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/gcore"
-	pGname "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/gname"
-	pGoDaddy "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/godaddy"
-	pHuaweiCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/huaweicloud"
-	pJDCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/jdcloud"
-	pNamecheap "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namecheap"
-	pNameDotCom "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namedotcom"
-	pNameSilo "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/namesilo"
-	pNetcup "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/netcup"
-	pNetlify "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/netlify"
-	pNS1 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ns1"
-	pPorkbun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/porkbun"
-	pPowerDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/powerdns"
-	pRainYun "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/rainyun"
-	pTencentCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud"
-	pTencentCloudEO "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/tencentcloud-eo"
-	pVercel "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/vercel"
-	pVolcEngine "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/volcengine"
-	pWestcn "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/westcn"
-	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
+	"github.com/certimate-go/certimate/internal/domain"
+	pACMEHttpReq "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq"
+	pAliyun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun"
+	pAliyunESA "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa"
+	pAWSRoute53 "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aws-route53"
+	pAzureDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/azure-dns"
+	pBaiduCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/baiducloud"
+	pBunny "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/bunny"
+	pCloudflare "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cloudflare"
+	pClouDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cloudns"
+	pCMCCCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/cmcccloud"
+	pConstellix "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/constellix"
+	pCTCCCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ctcccloud"
+	pDeSEC "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/desec"
+	pDigitalOcean "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/digitalocean"
+	pDNSLA "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/dnsla"
+	pDuckDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/duckdns"
+	pDynv6 "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/dynv6"
+	pGcore "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/gcore"
+	pGname "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/gname"
+	pGoDaddy "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/godaddy"
+	pHetzner "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/hetzner"
+	pHuaweiCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/huaweicloud"
+	pJDCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/jdcloud"
+	pNamecheap "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/namecheap"
+	pNameDotCom "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/namedotcom"
+	pNameSilo "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/namesilo"
+	pNetcup "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/netcup"
+	pNetlify "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/netlify"
+	pNS1 "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ns1"
+	pPorkbun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/porkbun"
+	pPowerDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/powerdns"
+	pRainYun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/rainyun"
+	pTencentCloud "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud"
+	pTencentCloudEO "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/tencentcloud-eo"
+	pUCloudUDNR "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/ucloud-udnr"
+	pVercel "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/vercel"
+	pVolcEngine "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/volcengine"
+	pWestcn "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/westcn"
+	xmaps "github.com/certimate-go/certimate/pkg/utils/maps"
 )
 
 type applicantProviderOptions struct {
-	Domains                  []string
-	ContactEmail             string
-	Provider                 domain.ACMEDns01ProviderType
-	ProviderAccessConfig     map[string]any
-	ProviderExtendedConfig   map[string]any
-	CAProvider               domain.CAProviderType
-	CAProviderAccessConfig   map[string]any
-	CAProviderExtendedConfig map[string]any
-	KeyAlgorithm             string
-	Nameservers              []string
-	DnsPropagationWait       int32
-	DnsPropagationTimeout    int32
-	DnsTTL                   int32
-	DisableFollowCNAME       bool
-	ReplacedARIAcct          string
-	ReplacedARICert          string
+	Domains                 []string
+	ContactEmail            string
+	Provider                domain.ACMEDns01ProviderType
+	ProviderAccessConfig    map[string]any
+	ProviderServiceConfig   map[string]any
+	CAProvider              domain.CAProviderType
+	CAProviderAccessId      string
+	CAProviderAccessConfig  map[string]any
+	CAProviderServiceConfig map[string]any
+	KeyAlgorithm            string
+	Nameservers             []string
+	DnsPropagationWait      int32
+	DnsPropagationTimeout   int32
+	DnsTTL                  int32
+	DisableFollowCNAME      bool
+	ARIReplaceAcct          string
+	ARIReplaceCert          string
 }
 
 func createApplicantProvider(options *applicantProviderOptions) (challenge.Provider, error) {
@@ -69,7 +76,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeACMEHttpReq:
 		{
 			access := domain.AccessConfigForACMEHttpReq{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -86,7 +93,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeAliyun, domain.ACMEDns01ProviderTypeAliyunDNS, domain.ACMEDns01ProviderTypeAliyunESA:
 		{
 			access := domain.AccessConfigForAliyun{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -104,7 +111,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 				applicant, err := pAliyunESA.NewChallengeProvider(&pAliyunESA.ChallengeProviderConfig{
 					AccessKeyId:           access.AccessKeyId,
 					AccessKeySecret:       access.AccessKeySecret,
-					Region:                maputil.GetString(options.ProviderExtendedConfig, "region"),
+					Region:                xmaps.GetString(options.ProviderServiceConfig, "region"),
 					DnsPropagationTimeout: options.DnsPropagationTimeout,
 					DnsTTL:                options.DnsTTL,
 				})
@@ -118,15 +125,15 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeAWS, domain.ACMEDns01ProviderTypeAWSRoute53:
 		{
 			access := domain.AccessConfigForAWS{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
 			applicant, err := pAWSRoute53.NewChallengeProvider(&pAWSRoute53.ChallengeProviderConfig{
 				AccessKeyId:           access.AccessKeyId,
 				SecretAccessKey:       access.SecretAccessKey,
-				Region:                maputil.GetString(options.ProviderExtendedConfig, "region"),
-				HostedZoneId:          maputil.GetString(options.ProviderExtendedConfig, "hostedZoneId"),
+				Region:                xmaps.GetString(options.ProviderServiceConfig, "region"),
+				HostedZoneId:          xmaps.GetString(options.ProviderServiceConfig, "hostedZoneId"),
 				DnsPropagationTimeout: options.DnsPropagationTimeout,
 				DnsTTL:                options.DnsTTL,
 			})
@@ -136,7 +143,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeAzure, domain.ACMEDns01ProviderTypeAzureDNS:
 		{
 			access := domain.AccessConfigForAzure{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -154,7 +161,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeBaiduCloud, domain.ACMEDns01ProviderTypeBaiduCloudDNS:
 		{
 			access := domain.AccessConfigForBaiduCloud{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -170,7 +177,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeBunny:
 		{
 			access := domain.AccessConfigForBunny{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -185,7 +192,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeCloudflare:
 		{
 			access := domain.AccessConfigForCloudflare{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -201,7 +208,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeClouDNS:
 		{
 			access := domain.AccessConfigForClouDNS{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -214,10 +221,10 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 			return applicant, err
 		}
 
-	case domain.ACMEDns01ProviderTypeCMCCCloud:
+	case domain.ACMEDns01ProviderTypeCMCCCloud, domain.ACMEDns01ProviderTypeCMCCCloudDNS:
 		{
 			access := domain.AccessConfigForCMCCCloud{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -230,10 +237,42 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 			return applicant, err
 		}
 
+	case domain.ACMEDns01ProviderTypeConstellix:
+		{
+			access := domain.AccessConfigForConstellix{}
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			applicant, err := pConstellix.NewChallengeProvider(&pConstellix.ChallengeProviderConfig{
+				ApiKey:                access.ApiKey,
+				SecretKey:             access.SecretKey,
+				DnsPropagationTimeout: options.DnsPropagationTimeout,
+				DnsTTL:                options.DnsTTL,
+			})
+			return applicant, err
+		}
+
+	case domain.ACMEDns01ProviderTypeCTCCCloud, domain.ACMEDns01ProviderTypeCTCCCloudSmartDNS:
+		{
+			access := domain.AccessConfigForCTCCCloud{}
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			applicant, err := pCTCCCloud.NewChallengeProvider(&pCTCCCloud.ChallengeProviderConfig{
+				AccessKeyId:           access.AccessKeyId,
+				SecretAccessKey:       access.SecretAccessKey,
+				DnsPropagationTimeout: options.DnsPropagationTimeout,
+				DnsTTL:                options.DnsTTL,
+			})
+			return applicant, err
+		}
+
 	case domain.ACMEDns01ProviderTypeDeSEC:
 		{
 			access := domain.AccessConfigForDeSEC{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -245,10 +284,25 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 			return applicant, err
 		}
 
+	case domain.ACMEDns01ProviderTypeDigitalOcean:
+		{
+			access := domain.AccessConfigForDigitalOcean{}
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			applicant, err := pDigitalOcean.NewChallengeProvider(&pDigitalOcean.ChallengeProviderConfig{
+				AccessToken:           access.AccessToken,
+				DnsPropagationTimeout: options.DnsPropagationTimeout,
+				DnsTTL:                options.DnsTTL,
+			})
+			return applicant, err
+		}
+
 	case domain.ACMEDns01ProviderTypeDNSLA:
 		{
 			access := domain.AccessConfigForDNSLA{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -261,10 +315,24 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 			return applicant, err
 		}
 
+	case domain.ACMEDns01ProviderTypeDuckDNS:
+		{
+			access := domain.AccessConfigForDuckDNS{}
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			applicant, err := pDuckDNS.NewChallengeProvider(&pDuckDNS.ChallengeProviderConfig{
+				Token:                 access.Token,
+				DnsPropagationTimeout: options.DnsPropagationTimeout,
+			})
+			return applicant, err
+		}
+
 	case domain.ACMEDns01ProviderTypeDynv6:
 		{
 			access := domain.AccessConfigForDynv6{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -279,7 +347,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeGcore:
 		{
 			access := domain.AccessConfigForGcore{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -294,7 +362,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeGname:
 		{
 			access := domain.AccessConfigForGname{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -310,7 +378,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeGoDaddy:
 		{
 			access := domain.AccessConfigForGoDaddy{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -323,17 +391,32 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 			return applicant, err
 		}
 
+	case domain.ACMEDns01ProviderTypeHetzner:
+		{
+			access := domain.AccessConfigForHetzner{}
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			applicant, err := pHetzner.NewChallengeProvider(&pHetzner.ChallengeProviderConfig{
+				ApiToken:              access.ApiToken,
+				DnsPropagationTimeout: options.DnsPropagationTimeout,
+				DnsTTL:                options.DnsTTL,
+			})
+			return applicant, err
+		}
+
 	case domain.ACMEDns01ProviderTypeHuaweiCloud, domain.ACMEDns01ProviderTypeHuaweiCloudDNS:
 		{
 			access := domain.AccessConfigForHuaweiCloud{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
 			applicant, err := pHuaweiCloud.NewChallengeProvider(&pHuaweiCloud.ChallengeProviderConfig{
 				AccessKeyId:           access.AccessKeyId,
 				SecretAccessKey:       access.SecretAccessKey,
-				Region:                maputil.GetString(options.ProviderExtendedConfig, "region"),
+				Region:                xmaps.GetString(options.ProviderServiceConfig, "region"),
 				DnsPropagationTimeout: options.DnsPropagationTimeout,
 				DnsTTL:                options.DnsTTL,
 			})
@@ -343,14 +426,14 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeJDCloud, domain.ACMEDns01ProviderTypeJDCloudDNS:
 		{
 			access := domain.AccessConfigForJDCloud{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
 			applicant, err := pJDCloud.NewChallengeProvider(&pJDCloud.ChallengeProviderConfig{
 				AccessKeyId:           access.AccessKeyId,
 				AccessKeySecret:       access.AccessKeySecret,
-				RegionId:              maputil.GetString(options.ProviderExtendedConfig, "regionId"),
+				RegionId:              xmaps.GetString(options.ProviderServiceConfig, "regionId"),
 				DnsPropagationTimeout: options.DnsPropagationTimeout,
 				DnsTTL:                options.DnsTTL,
 			})
@@ -360,7 +443,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeNamecheap:
 		{
 			access := domain.AccessConfigForNamecheap{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -376,7 +459,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeNameDotCom:
 		{
 			access := domain.AccessConfigForNameDotCom{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -392,7 +475,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeNameSilo:
 		{
 			access := domain.AccessConfigForNameSilo{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -407,7 +490,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeNetcup:
 		{
 			access := domain.AccessConfigForNetcup{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -424,7 +507,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeNetlify:
 		{
 			access := domain.AccessConfigForNetlify{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -439,7 +522,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeNS1:
 		{
 			access := domain.AccessConfigForNS1{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -454,7 +537,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypePorkbun:
 		{
 			access := domain.AccessConfigForPorkbun{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -470,12 +553,12 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypePowerDNS:
 		{
 			access := domain.AccessConfigForPowerDNS{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
 			applicant, err := pPowerDNS.NewChallengeProvider(&pPowerDNS.ChallengeProviderConfig{
-				ApiUrl:                   access.ApiUrl,
+				ServerUrl:                access.ServerUrl,
 				ApiKey:                   access.ApiKey,
 				AllowInsecureConnections: access.AllowInsecureConnections,
 				DnsPropagationTimeout:    options.DnsPropagationTimeout,
@@ -487,7 +570,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeRainYun:
 		{
 			access := domain.AccessConfigForRainYun{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -502,7 +585,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeTencentCloud, domain.ACMEDns01ProviderTypeTencentCloudDNS, domain.ACMEDns01ProviderTypeTencentCloudEO:
 		{
 			access := domain.AccessConfigForTencentCloud{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -520,7 +603,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 				applicant, err := pTencentCloudEO.NewChallengeProvider(&pTencentCloudEO.ChallengeProviderConfig{
 					SecretId:              access.SecretId,
 					SecretKey:             access.SecretKey,
-					ZoneId:                maputil.GetString(options.ProviderExtendedConfig, "zoneId"),
+					ZoneId:                xmaps.GetString(options.ProviderServiceConfig, "zoneId"),
 					DnsPropagationTimeout: options.DnsPropagationTimeout,
 					DnsTTL:                options.DnsTTL,
 				})
@@ -531,10 +614,26 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 			}
 		}
 
+	case domain.ACMEDns01ProviderTypeUCloudUDNR:
+		{
+			access := domain.AccessConfigForUCloud{}
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			applicant, err := pUCloudUDNR.NewChallengeProvider(&pUCloudUDNR.ChallengeProviderConfig{
+				PrivateKey:            access.PrivateKey,
+				PublicKey:             access.PublicKey,
+				DnsPropagationTimeout: options.DnsPropagationTimeout,
+				DnsTTL:                options.DnsTTL,
+			})
+			return applicant, err
+		}
+
 	case domain.ACMEDns01ProviderTypeVercel:
 		{
 			access := domain.AccessConfigForVercel{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -550,7 +649,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeVolcEngine, domain.ACMEDns01ProviderTypeVolcEngineDNS:
 		{
 			access := domain.AccessConfigForVolcEngine{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
@@ -566,7 +665,7 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	case domain.ACMEDns01ProviderTypeWestcn:
 		{
 			access := domain.AccessConfigForWestcn{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 

internal/certificate/service.go

@@ -13,12 +13,12 @@ import (
 	"github.com/go-acme/lego/v4/certcrypto"
 	"github.com/pocketbase/dbx"
 
-	"github.com/usual2970/certimate/internal/app"
-	"github.com/usual2970/certimate/internal/domain"
-	"github.com/usual2970/certimate/internal/domain/dtos"
-	"github.com/usual2970/certimate/internal/notify"
-	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
-	"github.com/usual2970/certimate/internal/repository"
+	"github.com/certimate-go/certimate/internal/app"
+	"github.com/certimate-go/certimate/internal/domain"
+	"github.com/certimate-go/certimate/internal/domain/dtos"
+	"github.com/certimate-go/certimate/internal/notify"
+	"github.com/certimate-go/certimate/internal/repository"
+	xcert "github.com/certimate-go/certimate/pkg/utils/cert"
 )
 
 const (
@@ -145,7 +145,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific
 		{
 			const pfxPassword = "certimate"
 
-			certPFX, err := certutil.TransformCertificateFromPEMToPFX(certificate.Certificate, certificate.PrivateKey, pfxPassword)
+			certPFX, err := xcert.TransformCertificateFromPEMToPFX(certificate.Certificate, certificate.PrivateKey, pfxPassword)
 			if err != nil {
 				return nil, err
 			}
@@ -183,7 +183,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific
 		{
 			const jksPassword = "certimate"
 
-			certJKS, err := certutil.TransformCertificateFromPEMToJKS(certificate.Certificate, certificate.PrivateKey, jksPassword, jksPassword, jksPassword)
+			certJKS, err := xcert.TransformCertificateFromPEMToJKS(certificate.Certificate, certificate.PrivateKey, jksPassword, jksPassword, jksPassword)
 			if err != nil {
 				return nil, err
 			}
@@ -223,7 +223,7 @@ func (s *CertificateService) ArchiveFile(ctx context.Context, req *dtos.Certific
 }
 
 func (s *CertificateService) ValidateCertificate(ctx context.Context, req *dtos.CertificateValidateCertificateReq) (*dtos.CertificateValidateCertificateResp, error) {
-	certX509, err := certutil.ParseCertificateFromPEM(req.Certificate)
+	certX509, err := xcert.ParseCertificateFromPEM(req.Certificate)
 	if err != nil {
 		return nil, err
 	} else if time.Now().After(certX509.NotAfter) {

internal/deployer/deployer.go

@@ -5,9 +5,9 @@ import (
 	"fmt"
 	"log/slog"
 
-	"github.com/usual2970/certimate/internal/domain"
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/repository"
+	"github.com/certimate-go/certimate/internal/domain"
+	"github.com/certimate-go/certimate/internal/repository"
+	"github.com/certimate-go/certimate/pkg/core"
 )
 
 type Deployer interface {
@@ -29,37 +29,39 @@ func NewWithWorkflowNode(config DeployerWithWorkflowNodeConfig) (Deployer, error
 		return nil, fmt.Errorf("node type is not '%s'", string(domain.WorkflowNodeTypeDeploy))
 	}
 
-	nodeConfig := config.Node.GetConfigForDeploy()
+	nodeCfg := config.Node.GetConfigForDeploy()
 	options := &deployerProviderOptions{
-		Provider:               domain.DeploymentProviderType(nodeConfig.Provider),
-		ProviderAccessConfig:   make(map[string]any),
-		ProviderExtendedConfig: nodeConfig.ProviderConfig,
+		Provider:              domain.DeploymentProviderType(nodeCfg.Provider),
+		ProviderAccessConfig:  make(map[string]any),
+		ProviderServiceConfig: nodeCfg.ProviderConfig,
 	}
 
 	accessRepo := repository.NewAccessRepository()
-	if nodeConfig.ProviderAccessId != "" {
-		access, err := accessRepo.GetById(context.Background(), nodeConfig.ProviderAccessId)
+	if nodeCfg.ProviderAccessId != "" {
+		access, err := accessRepo.GetById(context.Background(), nodeCfg.ProviderAccessId)
 		if err != nil {
-			return nil, fmt.Errorf("failed to get access #%s record: %w", nodeConfig.ProviderAccessId, err)
+			return nil, fmt.Errorf("failed to get access #%s record: %w", nodeCfg.ProviderAccessId, err)
 		} else {
 			options.ProviderAccessConfig = access.Config
 		}
 	}
 
-	deployerProvider, err := createDeployerProvider(options)
+	deployer, err := createSSLDeployerProvider(options)
 	if err != nil {
 		return nil, err
+	} else {
+		deployer.SetLogger(config.Logger)
 	}
 
 	return &deployerImpl{
-		provider:   deployerProvider.WithLogger(config.Logger),
+		provider:   deployer,
 		certPEM:    config.CertificatePEM,
 		privkeyPEM: config.PrivateKeyPEM,
 	}, nil
 }
 
 type deployerImpl struct {
-	provider   deployer.Deployer
+	provider   core.SSLDeployer
 	certPEM    string
 	privkeyPEM string
 }

internal/domain/access.go

@@ -16,11 +16,18 @@ type Access struct {
 }
 
 type AccessConfigFor1Panel struct {
-	ApiUrl                   string `json:"apiUrl"`
+	ServerUrl                string `json:"serverUrl"`
+	ApiVersion               string `json:"apiVersion"`
 	ApiKey                   string `json:"apiKey"`
 	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
 }
 
+type AccessConfigForACMECA struct {
+	Endpoint   string `json:"endpoint"`
+	EabKid     string `json:"eabKid,omitempty"`
+	EabHmacKey string `json:"eabHmacKey,omitempty"`
+}
+
 type AccessConfigForACMEHttpReq struct {
 	Endpoint string `json:"endpoint"`
 	Mode     string `json:"mode,omitempty"`
@@ -31,6 +38,13 @@ type AccessConfigForACMEHttpReq struct {
 type AccessConfigForAliyun struct {
 	AccessKeyId     string `json:"accessKeyId"`
 	AccessKeySecret string `json:"accessKeySecret"`
+	ResourceGroupId string `json:"resourceGroupId,omitempty"`
+}
+
+type AccessConfigForAPISIX struct {
+	ServerUrl                string `json:"serverUrl"`
+	ApiKey                   string `json:"apiKey"`
+	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
 }
 
 type AccessConfigForAWS struct {
@@ -55,7 +69,13 @@ type AccessConfigForBaishan struct {
 }
 
 type AccessConfigForBaotaPanel struct {
-	ApiUrl                   string `json:"apiUrl"`
+	ServerUrl                string `json:"serverUrl"`
+	ApiKey                   string `json:"apiKey"`
+	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
+}
+
+type AccessConfigForBaotaWAF struct {
+	ServerUrl                string `json:"serverUrl"`
 	ApiKey                   string `json:"apiKey"`
 	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
 }
@@ -74,7 +94,7 @@ type AccessConfigForCacheFly struct {
 }
 
 type AccessConfigForCdnfly struct {
-	ApiUrl                   string `json:"apiUrl"`
+	ServerUrl                string `json:"serverUrl"`
 	ApiKey                   string `json:"apiKey"`
 	ApiSecret                string `json:"apiSecret"`
 	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
@@ -95,15 +115,34 @@ type AccessConfigForCMCCCloud struct {
 	AccessKeySecret string `json:"accessKeySecret"`
 }
 
+type AccessConfigForConstellix struct {
+	ApiKey    string `json:"apiKey"`
+	SecretKey string `json:"secretKey"`
+}
+
+type AccessConfigForCTCCCloud struct {
+	AccessKeyId     string `json:"accessKeyId"`
+	SecretAccessKey string `json:"secretAccessKey"`
+}
+
 type AccessConfigForDeSEC struct {
 	Token string `json:"token"`
 }
 
+type AccessConfigForDigitalOcean struct {
+	AccessToken string `json:"accessToken"`
+}
+
 type AccessConfigForDingTalkBot struct {
 	WebhookUrl string `json:"webhookUrl"`
 	Secret     string `json:"secret"`
 }
 
+type AccessConfigForDiscordBot struct {
+	BotToken         string `json:"botToken"`
+	DefaultChannelId string `json:"defaultChannelId,omitempty"`
+}
+
 type AccessConfigForDNSLA struct {
 	ApiId     string `json:"apiId"`
 	ApiSecret string `json:"apiSecret"`
@@ -114,6 +153,10 @@ type AccessConfigForDogeCloud struct {
 	SecretKey string `json:"secretKey"`
 }
 
+type AccessConfigForDuckDNS struct {
+	Token string `json:"token"`
+}
+
 type AccessConfigForDynv6 struct {
 	HttpToken string `json:"httpToken"`
 }
@@ -130,9 +173,18 @@ type AccessConfigForEmail struct {
 	Username               string `json:"username"`
 	Password               string `json:"password"`
 	DefaultSenderAddress   string `json:"defaultSenderAddress,omitempty"`
+	DefaultSenderName      string `json:"defaultSenderName,omitempty"`
 	DefaultReceiverAddress string `json:"defaultReceiverAddress,omitempty"`
 }
 
+type AccessConfigForFlexCDN struct {
+	ServerUrl                string `json:"serverUrl"`
+	ApiRole                  string `json:"apiRole"`
+	AccessKeyId              string `json:"accessKeyId"`
+	AccessKey                string `json:"accessKey"`
+	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
+}
+
 type AccessConfigForGcore struct {
 	ApiToken string `json:"apiToken"`
 }
@@ -148,7 +200,7 @@ type AccessConfigForGoDaddy struct {
 }
 
 type AccessConfigForGoEdge struct {
-	ApiUrl                   string `json:"apiUrl"`
+	ServerUrl                string `json:"serverUrl"`
 	ApiRole                  string `json:"apiRole"`
 	AccessKeyId              string `json:"accessKeyId"`
 	AccessKey                string `json:"accessKey"`
@@ -160,9 +212,14 @@ type AccessConfigForGoogleTrustServices struct {
 	EabHmacKey string `json:"eabHmacKey"`
 }
 
+type AccessConfigForHetzner struct {
+	ApiToken string `json:"apiToken"`
+}
+
 type AccessConfigForHuaweiCloud struct {
-	AccessKeyId     string `json:"accessKeyId"`
-	SecretAccessKey string `json:"secretAccessKey"`
+	AccessKeyId         string `json:"accessKeyId"`
+	SecretAccessKey     string `json:"secretAccessKey"`
+	EnterpriseProjectId string `json:"enterpriseProjectId,omitempty"`
 }
 
 type AccessConfigForJDCloud struct {
@@ -178,6 +235,15 @@ type AccessConfigForLarkBot struct {
 	WebhookUrl string `json:"webhookUrl"`
 }
 
+type AccessConfigForLeCDN struct {
+	ServerUrl                string `json:"serverUrl"`
+	ApiVersion               string `json:"apiVersion"`
+	ApiRole                  string `json:"apiRole"`
+	Username                 string `json:"username"`
+	Password                 string `json:"password"`
+	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
+}
+
 type AccessConfigForMattermost struct {
 	ServerUrl        string `json:"serverUrl"`
 	Username         string `json:"username"`
@@ -219,13 +285,13 @@ type AccessConfigForPorkbun struct {
 }
 
 type AccessConfigForPowerDNS struct {
-	ApiUrl                   string `json:"apiUrl"`
+	ServerUrl                string `json:"serverUrl"`
 	ApiKey                   string `json:"apiKey"`
 	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
 }
 
 type AccessConfigForProxmoxVE struct {
-	ApiUrl                   string `json:"apiUrl"`
+	ServerUrl                string `json:"serverUrl"`
 	ApiToken                 string `json:"apiToken"`
 	ApiTokenSecret           string `json:"apiTokenSecret,omitempty"`
 	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
@@ -240,19 +306,41 @@ type AccessConfigForRainYun struct {
 	ApiKey string `json:"apiKey"`
 }
 
+type AccessConfigForRatPanel struct {
+	ServerUrl                string `json:"serverUrl"`
+	AccessTokenId            int32  `json:"accessTokenId"`
+	AccessToken              string `json:"accessToken"`
+	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
+}
+
 type AccessConfigForSafeLine struct {
-	ApiUrl                   string `json:"apiUrl"`
+	ServerUrl                string `json:"serverUrl"`
 	ApiToken                 string `json:"apiToken"`
 	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
 }
 
+type AccessConfigForSlackBot struct {
+	BotToken         string `json:"botToken"`
+	DefaultChannelId string `json:"defaultChannelId,omitempty"`
+}
+
 type AccessConfigForSSH struct {
 	Host          string `json:"host"`
 	Port          int32  `json:"port"`
-	Username      string `json:"username"`
+	AuthMethod    string `json:"authMethod,omitempty"`
+	Username      string `json:"username,omitempty"`
 	Password      string `json:"password,omitempty"`
 	Key           string `json:"key,omitempty"`
 	KeyPassphrase string `json:"keyPassphrase,omitempty"`
+	JumpServers   []struct {
+		Host          string `json:"host"`
+		Port          int32  `json:"port"`
+		AuthMethod    string `json:"authMethod,omitempty"`
+		Username      string `json:"username,omitempty"`
+		Password      string `json:"password,omitempty"`
+		Key           string `json:"key,omitempty"`
+		KeyPassphrase string `json:"keyPassphrase,omitempty"`
+	} `json:"jumpServers,omitempty"`
 }
 
 type AccessConfigForSSLCom struct {
@@ -260,7 +348,7 @@ type AccessConfigForSSLCom struct {
 	EabHmacKey string `json:"eabHmacKey"`
 }
 
-type AccessConfigForTelegram struct {
+type AccessConfigForTelegramBot struct {
 	BotToken      string `json:"botToken"`
 	DefaultChatId int64  `json:"defaultChatId,omitempty"`
 }
@@ -276,6 +364,11 @@ type AccessConfigForUCloud struct {
 	ProjectId  string `json:"projectId,omitempty"`
 }
 
+type AccessConfigForUniCloud struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
 type AccessConfigForUpyun struct {
 	Username string `json:"username"`
 	Password string `json:"password"`
@@ -312,7 +405,7 @@ type AccessConfigForWeComBot struct {
 
 type AccessConfigForWestcn struct {
 	Username    string `json:"username"`
-	ApiPassword string `json:"password"`
+	ApiPassword string `json:"apiPassword"`
 }
 
 type AccessConfigForZeroSSL struct {

internal/domain/certificate.go

@@ -8,7 +8,7 @@ import (
 	"strings"
 	"time"
 
-	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
+	xcert "github.com/certimate-go/certimate/pkg/utils/cert"
 )
 
 const CollectionNameCertificate = "certificate"
@@ -20,7 +20,7 @@ type Certificate struct {
 	SerialNumber      string                      `json:"serialNumber" db:"serialNumber"`
 	Certificate       string                      `json:"certificate" db:"certificate"`
 	PrivateKey        string                      `json:"privateKey" db:"privateKey"`
-	Issuer            string                      `json:"issuer" db:"issuer"`
+	IssuerOrg         string                      `json:"issuerOrg" db:"issuerOrg"`
 	IssuerCertificate string                      `json:"issuerCertificate" db:"issuerCertificate"`
 	KeyAlgorithm      CertificateKeyAlgorithmType `json:"keyAlgorithm" db:"keyAlgorithm"`
 	EffectAt          time.Time                   `json:"effectAt" db:"effectAt"`
@@ -28,6 +28,7 @@ type Certificate struct {
 	ACMEAccountUrl    string                      `json:"acmeAccountUrl" db:"acmeAccountUrl"`
 	ACMECertUrl       string                      `json:"acmeCertUrl" db:"acmeCertUrl"`
 	ACMECertStableUrl string                      `json:"acmeCertStableUrl" db:"acmeCertStableUrl"`
+	ACMERenewed       bool                        `json:"acmeRenewed" db:"acmeRenewed"`
 	WorkflowId        string                      `json:"workflowId" db:"workflowId"`
 	WorkflowNodeId    string                      `json:"workflowNodeId" db:"workflowNodeId"`
 	WorkflowRunId     string                      `json:"workflowRunId" db:"workflowRunId"`
@@ -38,7 +39,7 @@ type Certificate struct {
 func (c *Certificate) PopulateFromX509(certX509 *x509.Certificate) *Certificate {
 	c.SubjectAltNames = strings.Join(certX509.DNSNames, ";")
 	c.SerialNumber = strings.ToUpper(certX509.SerialNumber.Text(16))
-	c.Issuer = strings.Join(certX509.Issuer.Organization, ";")
+	c.IssuerOrg = strings.Join(certX509.Issuer.Organization, ";")
 	c.EffectAt = certX509.NotBefore
 	c.ExpireAt = certX509.NotAfter
 
@@ -105,10 +106,10 @@ func (c *Certificate) PopulateFromPEM(certPEM, privkeyPEM string) *Certificate {
 	c.Certificate = certPEM
 	c.PrivateKey = privkeyPEM
 
-	_, issuerCertPEM, _ := certutil.ExtractCertificatesFromPEM(certPEM)
+	_, issuerCertPEM, _ := xcert.ExtractCertificatesFromPEM(certPEM)
 	c.IssuerCertificate = issuerCertPEM
 
-	certX509, _ := certutil.ParseCertificateFromPEM(certPEM)
+	certX509, _ := xcert.ParseCertificateFromPEM(certPEM)
 	if certX509 != nil {
 		c.PopulateFromX509(certX509)
 	}

internal/domain/dtos/notify.go

@@ -1,6 +1,6 @@
 package dtos
 
-import "github.com/usual2970/certimate/internal/domain"
+import "github.com/certimate-go/certimate/internal/domain"
 
 type NotifyTestPushReq struct {
 	Channel domain.NotifyChannelType `json:"channel"`

internal/domain/dtos/workflow.go

@@ -1,6 +1,6 @@
 package dtos
 
-import "github.com/usual2970/certimate/internal/domain"
+import "github.com/certimate-go/certimate/internal/domain"
 
 type WorkflowStartRunReq struct {
 	WorkflowId string                     `json:"-"`

internal/domain/expr/expr.go

@@ -0,0 +1,630 @@
+package expr
+
+import (
+	"encoding/json"
+	"fmt"
+	"strconv"
+)
+
+type (
+	ExprType               string
+	ExprComparisonOperator string
+	ExprLogicalOperator    string
+	ExprValueType          string
+)
+
+const (
+	GreaterThan    ExprComparisonOperator = "gt"
+	GreaterOrEqual ExprComparisonOperator = "gte"
+	LessThan       ExprComparisonOperator = "lt"
+	LessOrEqual    ExprComparisonOperator = "lte"
+	Equal          ExprComparisonOperator = "eq"
+	NotEqual       ExprComparisonOperator = "neq"
+
+	And ExprLogicalOperator = "and"
+	Or  ExprLogicalOperator = "or"
+	Not ExprLogicalOperator = "not"
+
+	Number  ExprValueType = "number"
+	String  ExprValueType = "string"
+	Boolean ExprValueType = "boolean"
+
+	ConstantExprType   ExprType = "const"
+	VariantExprType    ExprType = "var"
+	ComparisonExprType ExprType = "comparison"
+	LogicalExprType    ExprType = "logical"
+	NotExprType        ExprType = "not"
+)
+
+type EvalResult struct {
+	Type  ExprValueType
+	Value any
+}
+
+func (e *EvalResult) GetFloat64() (float64, error) {
+	if e.Type != Number {
+		return 0, fmt.Errorf("type mismatch: %s", e.Type)
+	}
+
+	stringValue, ok := e.Value.(string)
+	if !ok {
+		return 0, fmt.Errorf("value is not a string: %v", e.Value)
+	}
+
+	floatValue, err := strconv.ParseFloat(stringValue, 64)
+	if err != nil {
+		return 0, fmt.Errorf("failed to parse float64: %v", err)
+	}
+	return floatValue, nil
+}
+
+func (e *EvalResult) GetBool() (bool, error) {
+	if e.Type != Boolean {
+		return false, fmt.Errorf("type mismatch: %s", e.Type)
+	}
+
+	strValue, ok := e.Value.(string)
+	if ok {
+		if strValue == "true" {
+			return true, nil
+		} else if strValue == "false" {
+			return false, nil
+		}
+		return false, fmt.Errorf("value is not a boolean: %v", e.Value)
+	}
+
+	boolValue, ok := e.Value.(bool)
+	if !ok {
+		return false, fmt.Errorf("value is not a boolean: %v", e.Value)
+	}
+
+	return boolValue, nil
+}
+
+func (e *EvalResult) GreaterThan(other *EvalResult) (*EvalResult, error) {
+	if e.Type != other.Type {
+		return nil, fmt.Errorf("type mismatch: %s vs %s", e.Type, other.Type)
+	}
+
+	switch e.Type {
+	case String:
+		return &EvalResult{
+			Type:  Boolean,
+			Value: e.Value.(string) > other.Value.(string),
+		}, nil
+
+	case Number:
+		left, err := e.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		right, err := other.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		return &EvalResult{
+			Type:  Boolean,
+			Value: left > right,
+		}, nil
+
+	default:
+		return nil, fmt.Errorf("unsupported value type: %s", e.Type)
+	}
+}
+
+func (e *EvalResult) GreaterOrEqual(other *EvalResult) (*EvalResult, error) {
+	if e.Type != other.Type {
+		return nil, fmt.Errorf("type mismatch: %s vs %s", e.Type, other.Type)
+	}
+
+	switch e.Type {
+	case String:
+		return &EvalResult{
+			Type:  Boolean,
+			Value: e.Value.(string) >= other.Value.(string),
+		}, nil
+
+	case Number:
+		left, err := e.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		right, err := other.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		return &EvalResult{
+			Type:  Boolean,
+			Value: left >= right,
+		}, nil
+
+	default:
+		return nil, fmt.Errorf("unsupported value type: %s", e.Type)
+	}
+}
+
+func (e *EvalResult) LessThan(other *EvalResult) (*EvalResult, error) {
+	if e.Type != other.Type {
+		return nil, fmt.Errorf("type mismatch: %s vs %s", e.Type, other.Type)
+	}
+
+	switch e.Type {
+	case String:
+		return &EvalResult{
+			Type:  Boolean,
+			Value: e.Value.(string) < other.Value.(string),
+		}, nil
+
+	case Number:
+		left, err := e.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		right, err := other.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		return &EvalResult{
+			Type:  Boolean,
+			Value: left < right,
+		}, nil
+
+	default:
+		return nil, fmt.Errorf("unsupported value type: %s", e.Type)
+	}
+}
+
+func (e *EvalResult) LessOrEqual(other *EvalResult) (*EvalResult, error) {
+	if e.Type != other.Type {
+		return nil, fmt.Errorf("type mismatch: %s vs %s", e.Type, other.Type)
+	}
+
+	switch e.Type {
+	case String:
+		return &EvalResult{
+			Type:  Boolean,
+			Value: e.Value.(string) <= other.Value.(string),
+		}, nil
+
+	case Number:
+		left, err := e.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		right, err := other.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		return &EvalResult{
+			Type:  Boolean,
+			Value: left <= right,
+		}, nil
+
+	default:
+		return nil, fmt.Errorf("unsupported value type: %s", e.Type)
+	}
+}
+
+func (e *EvalResult) Equal(other *EvalResult) (*EvalResult, error) {
+	if e.Type != other.Type {
+		return nil, fmt.Errorf("type mismatch: %s vs %s", e.Type, other.Type)
+	}
+
+	switch e.Type {
+	case String:
+		return &EvalResult{
+			Type:  Boolean,
+			Value: e.Value.(string) == other.Value.(string),
+		}, nil
+
+	case Number:
+		left, err := e.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		right, err := other.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		return &EvalResult{
+			Type:  Boolean,
+			Value: left == right,
+		}, nil
+
+	case Boolean:
+		left, err := e.GetBool()
+		if err != nil {
+			return nil, err
+		}
+
+		right, err := other.GetBool()
+		if err != nil {
+			return nil, err
+		}
+
+		return &EvalResult{
+			Type:  Boolean,
+			Value: left == right,
+		}, nil
+
+	default:
+		return nil, fmt.Errorf("unsupported value type: %s", e.Type)
+	}
+}
+
+func (e *EvalResult) NotEqual(other *EvalResult) (*EvalResult, error) {
+	if e.Type != other.Type {
+		return nil, fmt.Errorf("type mismatch: %s vs %s", e.Type, other.Type)
+	}
+
+	switch e.Type {
+	case String:
+		return &EvalResult{
+			Type:  Boolean,
+			Value: e.Value.(string) != other.Value.(string),
+		}, nil
+
+	case Number:
+		left, err := e.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		right, err := other.GetFloat64()
+		if err != nil {
+			return nil, err
+		}
+
+		return &EvalResult{
+			Type:  Boolean,
+			Value: left != right,
+		}, nil
+
+	case Boolean:
+		left, err := e.GetBool()
+		if err != nil {
+			return nil, err
+		}
+
+		right, err := other.GetBool()
+		if err != nil {
+			return nil, err
+		}
+
+		return &EvalResult{
+			Type:  Boolean,
+			Value: left != right,
+		}, nil
+
+	default:
+		return nil, fmt.Errorf("unsupported value type: %s", e.Type)
+	}
+}
+
+func (e *EvalResult) And(other *EvalResult) (*EvalResult, error) {
+	if e.Type != other.Type {
+		return nil, fmt.Errorf("type mismatch: %s vs %s", e.Type, other.Type)
+	}
+
+	switch e.Type {
+	case Boolean:
+		left, err := e.GetBool()
+		if err != nil {
+			return nil, err
+		}
+
+		right, err := other.GetBool()
+		if err != nil {
+			return nil, err
+		}
+
+		return &EvalResult{
+			Type:  Boolean,
+			Value: left && right,
+		}, nil
+
+	default:
+		return nil, fmt.Errorf("unsupported value type: %s", e.Type)
+	}
+}
+
+func (e *EvalResult) Or(other *EvalResult) (*EvalResult, error) {
+	if e.Type != other.Type {
+		return nil, fmt.Errorf("type mismatch: %s vs %s", e.Type, other.Type)
+	}
+
+	switch e.Type {
+	case Boolean:
+		left, err := e.GetBool()
+		if err != nil {
+			return nil, err
+		}
+
+		right, err := other.GetBool()
+		if err != nil {
+			return nil, err
+		}
+
+		return &EvalResult{
+			Type:  Boolean,
+			Value: left || right,
+		}, nil
+	default:
+		return nil, fmt.Errorf("unsupported value type: %s", e.Type)
+	}
+}
+
+func (e *EvalResult) Not() (*EvalResult, error) {
+	if e.Type != Boolean {
+		return nil, fmt.Errorf("type mismatch: %s", e.Type)
+	}
+
+	boolValue, err := e.GetBool()
+	if err != nil {
+		return nil, err
+	}
+
+	return &EvalResult{
+		Type:  Boolean,
+		Value: !boolValue,
+	}, nil
+}
+
+type Expr interface {
+	GetType() ExprType
+	Eval(variables map[string]map[string]any) (*EvalResult, error)
+}
+
+type ExprValueSelector struct {
+	Id   string        `json:"id"`
+	Name string        `json:"name"`
+	Type ExprValueType `json:"type"`
+}
+
+type ConstantExpr struct {
+	Type      ExprType      `json:"type"`
+	Value     string        `json:"value"`
+	ValueType ExprValueType `json:"valueType"`
+}
+
+func (c ConstantExpr) GetType() ExprType { return c.Type }
+
+func (c ConstantExpr) Eval(variables map[string]map[string]any) (*EvalResult, error) {
+	return &EvalResult{
+		Type:  c.ValueType,
+		Value: c.Value,
+	}, nil
+}
+
+type VariantExpr struct {
+	Type     ExprType          `json:"type"`
+	Selector ExprValueSelector `json:"selector"`
+}
+
+func (v VariantExpr) GetType() ExprType { return v.Type }
+
+func (v VariantExpr) Eval(variables map[string]map[string]any) (*EvalResult, error) {
+	if v.Selector.Id == "" {
+		return nil, fmt.Errorf("node id is empty")
+	}
+	if v.Selector.Name == "" {
+		return nil, fmt.Errorf("name is empty")
+	}
+
+	if _, ok := variables[v.Selector.Id]; !ok {
+		return nil, fmt.Errorf("node %s not found", v.Selector.Id)
+	}
+
+	if _, ok := variables[v.Selector.Id][v.Selector.Name]; !ok {
+		return nil, fmt.Errorf("variable %s not found in node %s", v.Selector.Name, v.Selector.Id)
+	}
+	return &EvalResult{
+		Type:  v.Selector.Type,
+		Value: variables[v.Selector.Id][v.Selector.Name],
+	}, nil
+}
+
+type ComparisonExpr struct {
+	Type     ExprType               `json:"type"` // compare
+	Operator ExprComparisonOperator `json:"operator"`
+	Left     Expr                   `json:"left"`
+	Right    Expr                   `json:"right"`
+}
+
+func (c ComparisonExpr) GetType() ExprType { return c.Type }
+
+func (c ComparisonExpr) Eval(variables map[string]map[string]any) (*EvalResult, error) {
+	left, err := c.Left.Eval(variables)
+	if err != nil {
+		return nil, err
+	}
+	right, err := c.Right.Eval(variables)
+	if err != nil {
+		return nil, err
+	}
+
+	switch c.Operator {
+	case GreaterThan:
+		return left.GreaterThan(right)
+	case LessThan:
+		return left.LessThan(right)
+	case GreaterOrEqual:
+		return left.GreaterOrEqual(right)
+	case LessOrEqual:
+		return left.LessOrEqual(right)
+	case Equal:
+		return left.Equal(right)
+	case NotEqual:
+		return left.NotEqual(right)
+	default:
+		return nil, fmt.Errorf("unknown expression operator: %s", c.Operator)
+	}
+}
+
+type LogicalExpr struct {
+	Type     ExprType            `json:"type"` // logical
+	Operator ExprLogicalOperator `json:"operator"`
+	Left     Expr                `json:"left"`
+	Right    Expr                `json:"right"`
+}
+
+func (l LogicalExpr) GetType() ExprType { return l.Type }
+
+func (l LogicalExpr) Eval(variables map[string]map[string]any) (*EvalResult, error) {
+	left, err := l.Left.Eval(variables)
+	if err != nil {
+		return nil, err
+	}
+	right, err := l.Right.Eval(variables)
+	if err != nil {
+		return nil, err
+	}
+
+	switch l.Operator {
+	case And:
+		return left.And(right)
+	case Or:
+		return left.Or(right)
+	default:
+		return nil, fmt.Errorf("unknown expression operator: %s", l.Operator)
+	}
+}
+
+type NotExpr struct {
+	Type ExprType `json:"type"` // not
+	Expr Expr     `json:"expr"`
+}
+
+func (n NotExpr) GetType() ExprType { return n.Type }
+
+func (n NotExpr) Eval(variables map[string]map[string]any) (*EvalResult, error) {
+	inner, err := n.Expr.Eval(variables)
+	if err != nil {
+		return nil, err
+	}
+	return inner.Not()
+}
+
+type rawExpr struct {
+	Type ExprType `json:"type"`
+}
+
+func MarshalExpr(e Expr) ([]byte, error) {
+	return json.Marshal(e)
+}
+
+func UnmarshalExpr(data []byte) (Expr, error) {
+	var typ rawExpr
+	if err := json.Unmarshal(data, &typ); err != nil {
+		return nil, err
+	}
+
+	switch typ.Type {
+	case ConstantExprType:
+		var e ConstantExpr
+		if err := json.Unmarshal(data, &e); err != nil {
+			return nil, err
+		}
+		return e, nil
+	case VariantExprType:
+		var e VariantExpr
+		if err := json.Unmarshal(data, &e); err != nil {
+			return nil, err
+		}
+		return e, nil
+	case ComparisonExprType:
+		var e ComparisonExprRaw
+		if err := json.Unmarshal(data, &e); err != nil {
+			return nil, err
+		}
+		return e.ToComparisonExpr()
+	case LogicalExprType:
+		var e LogicalExprRaw
+		if err := json.Unmarshal(data, &e); err != nil {
+			return nil, err
+		}
+		return e.ToLogicalExpr()
+	case NotExprType:
+		var e NotExprRaw
+		if err := json.Unmarshal(data, &e); err != nil {
+			return nil, err
+		}
+		return e.ToNotExpr()
+	default:
+		return nil, fmt.Errorf("unknown expression type: %s", typ.Type)
+	}
+}
+
+type ComparisonExprRaw struct {
+	Type     ExprType               `json:"type"`
+	Operator ExprComparisonOperator `json:"operator"`
+	Left     json.RawMessage        `json:"left"`
+	Right    json.RawMessage        `json:"right"`
+}
+
+func (r ComparisonExprRaw) ToComparisonExpr() (ComparisonExpr, error) {
+	leftExpr, err := UnmarshalExpr(r.Left)
+	if err != nil {
+		return ComparisonExpr{}, err
+	}
+	rightExpr, err := UnmarshalExpr(r.Right)
+	if err != nil {
+		return ComparisonExpr{}, err
+	}
+	return ComparisonExpr{
+		Type:     r.Type,
+		Operator: r.Operator,
+		Left:     leftExpr,
+		Right:    rightExpr,
+	}, nil
+}
+
+type LogicalExprRaw struct {
+	Type     ExprType            `json:"type"`
+	Operator ExprLogicalOperator `json:"operator"`
+	Left     json.RawMessage     `json:"left"`
+	Right    json.RawMessage     `json:"right"`
+}
+
+func (r LogicalExprRaw) ToLogicalExpr() (LogicalExpr, error) {
+	left, err := UnmarshalExpr(r.Left)
+	if err != nil {
+		return LogicalExpr{}, err
+	}
+	right, err := UnmarshalExpr(r.Right)
+	if err != nil {
+		return LogicalExpr{}, err
+	}
+	return LogicalExpr{
+		Type:     r.Type,
+		Operator: r.Operator,
+		Left:     left,
+		Right:    right,
+	}, nil
+}
+
+type NotExprRaw struct {
+	Type ExprType        `json:"type"`
+	Expr json.RawMessage `json:"expr"`
+}
+
+func (r NotExprRaw) ToNotExpr() (NotExpr, error) {
+	inner, err := UnmarshalExpr(r.Expr)
+	if err != nil {
+		return NotExpr{}, err
+	}
+	return NotExpr{
+		Type: r.Type,
+		Expr: inner,
+	}, nil
+}

internal/domain/expr/expr_test.go

@@ -0,0 +1,127 @@
+package expr
+
+import (
+	"testing"
+)
+
+func TestLogicalEval(t *testing.T) {
+	// 测试逻辑表达式 and
+	logicalExpr := LogicalExpr{
+		Left: ConstantExpr{
+			Type:      "const",
+			Value:     "true",
+			ValueType: "boolean",
+		},
+		Operator: And,
+		Right: ConstantExpr{
+			Type:      "const",
+			Value:     "true",
+			ValueType: "boolean",
+		},
+	}
+	result, err := logicalExpr.Eval(nil)
+	if err != nil {
+		t.Errorf("failed to evaluate logical expression: %v", err)
+	}
+	if result.Value != true {
+		t.Errorf("expected true, got %v", result)
+	}
+
+	// 测试逻辑表达式 or
+	orExpr := LogicalExpr{
+		Left: ConstantExpr{
+			Type:      "const",
+			Value:     "true",
+			ValueType: "boolean",
+		},
+		Operator: Or,
+		Right: ConstantExpr{
+			Type:      "const",
+			Value:     "true",
+			ValueType: "boolean",
+		},
+	}
+	result, err = orExpr.Eval(nil)
+	if err != nil {
+		t.Errorf("failed to evaluate logical expression: %v", err)
+	}
+	if result.Value != true {
+		t.Errorf("expected true, got %v", result)
+	}
+}
+
+func TestUnmarshalExpr(t *testing.T) {
+	type args struct {
+		data []byte
+	}
+	tests := []struct {
+		name    string
+		args    args
+		want    Expr
+		wantErr bool
+	}{
+		{
+			name: "test1",
+			args: args{
+				data: []byte(`{"left":{"left":{"selector":{"id":"ODnYSOXB6HQP2_vz6JcZE","name":"certificate.validity","type":"boolean"},"type":"var"},"operator":"is","right":{"type":"const","value":true,"valueType":"boolean"},"type":"comparison"},"operator":"and","right":{"left":{"selector":{"id":"ODnYSOXB6HQP2_vz6JcZE","name":"certificate.daysLeft","type":"number"},"type":"var"},"operator":"eq","right":{"type":"const","value":2,"valueType":"number"},"type":"comparison"},"type":"logical"}`),
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, err := UnmarshalExpr(tt.args.data)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("UnmarshalExpr() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got == nil {
+				t.Errorf("UnmarshalExpr() got = nil, want %v", tt.want)
+				return
+			}
+		})
+	}
+}
+
+func TestExpr_Eval(t *testing.T) {
+	type args struct {
+		variables map[string]map[string]any
+		data      []byte
+	}
+	tests := []struct {
+		name    string
+		args    args
+		want    *EvalResult
+		wantErr bool
+	}{
+		{
+			name: "test1",
+			args: args{
+				variables: map[string]map[string]any{
+					"ODnYSOXB6HQP2_vz6JcZE": {
+						"certificate.validity": true,
+						"certificate.daysLeft": 2,
+					},
+				},
+				data: []byte(`{"left":{"left":{"selector":{"id":"ODnYSOXB6HQP2_vz6JcZE","name":"certificate.validity","type":"boolean"},"type":"var"},"operator":"is","right":{"type":"const","value":true,"valueType":"boolean"},"type":"comparison"},"operator":"and","right":{"left":{"selector":{"id":"ODnYSOXB6HQP2_vz6JcZE","name":"certificate.daysLeft","type":"number"},"type":"var"},"operator":"eq","right":{"type":"const","value":2,"valueType":"number"},"type":"comparison"},"type":"logical"}`),
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			c, err := UnmarshalExpr(tt.args.data)
+			if err != nil {
+				t.Errorf("UnmarshalExpr() error = %v", err)
+				return
+			}
+			got, err := c.Eval(tt.args.variables)
+			t.Log("got:", got)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("ConstExpr.Eval() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got.Value != true {
+				t.Errorf("ConstExpr.Eval() got = %v, want %v", got.Value, true)
+			}
+		})
+	}
+}

internal/domain/provider.go

@@ -10,15 +10,17 @@ type AccessProviderType string
 */
 const (
 	AccessProviderType1Panel              = AccessProviderType("1panel")
-	AccessProviderTypeACMECA              = AccessProviderType("acmeca") // ACME CA（预留）
+	AccessProviderTypeACMECA              = AccessProviderType("acmeca")
 	AccessProviderTypeACMEHttpReq         = AccessProviderType("acmehttpreq")
 	AccessProviderTypeAkamai              = AccessProviderType("akamai") // Akamai（预留）
 	AccessProviderTypeAliyun              = AccessProviderType("aliyun")
+	AccessProviderTypeAPISIX              = AccessProviderType("apisix")
 	AccessProviderTypeAWS                 = AccessProviderType("aws")
 	AccessProviderTypeAzure               = AccessProviderType("azure")
 	AccessProviderTypeBaiduCloud          = AccessProviderType("baiducloud")
 	AccessProviderTypeBaishan             = AccessProviderType("baishan")
 	AccessProviderTypeBaotaPanel          = AccessProviderType("baotapanel")
+	AccessProviderTypeBaotaWAF            = AccessProviderType("baotawaf")
 	AccessProviderTypeBytePlus            = AccessProviderType("byteplus")
 	AccessProviderTypeBunny               = AccessProviderType("bunny")
 	AccessProviderTypeBuypass             = AccessProviderType("buypass")
@@ -27,29 +29,34 @@ const (
 	AccessProviderTypeCloudflare          = AccessProviderType("cloudflare")
 	AccessProviderTypeClouDNS             = AccessProviderType("cloudns")
 	AccessProviderTypeCMCCCloud           = AccessProviderType("cmcccloud")
-	AccessProviderTypeCTCCCloud           = AccessProviderType("ctcccloud") // 天翼云（预留）
+	AccessProviderTypeConstellix          = AccessProviderType("constellix")
+	AccessProviderTypeCTCCCloud           = AccessProviderType("ctcccloud")
 	AccessProviderTypeCUCCCloud           = AccessProviderType("cucccloud") // 联通云（预留）
 	AccessProviderTypeDeSEC               = AccessProviderType("desec")
+	AccessProviderTypeDigitalOcean        = AccessProviderType("digitalocean")
 	AccessProviderTypeDingTalkBot         = AccessProviderType("dingtalkbot")
+	AccessProviderTypeDiscordBot          = AccessProviderType("discordbot")
 	AccessProviderTypeDNSLA               = AccessProviderType("dnsla")
 	AccessProviderTypeDogeCloud           = AccessProviderType("dogecloud")
+	AccessProviderTypeDuckDNS             = AccessProviderType("duckdns")
 	AccessProviderTypeDynv6               = AccessProviderType("dynv6")
 	AccessProviderTypeEdgio               = AccessProviderType("edgio")
 	AccessProviderTypeEmail               = AccessProviderType("email")
-	AccessProviderTypeFastly              = AccessProviderType("fastly")  // Fastly（预留）
-	AccessProviderTypeFlexCDN             = AccessProviderType("flexcdn") // FlexCDN（预留）
+	AccessProviderTypeFastly              = AccessProviderType("fastly") // Fastly（预留）
+	AccessProviderTypeFlexCDN             = AccessProviderType("flexcdn")
 	AccessProviderTypeGname               = AccessProviderType("gname")
 	AccessProviderTypeGcore               = AccessProviderType("gcore")
 	AccessProviderTypeGoDaddy             = AccessProviderType("godaddy")
 	AccessProviderTypeGoEdge              = AccessProviderType("goedge")
 	AccessProviderTypeGoogleTrustServices = AccessProviderType("googletrustservices")
+	AccessProviderTypeHetzner             = AccessProviderType("hetzner")
 	AccessProviderTypeHuaweiCloud         = AccessProviderType("huaweicloud")
 	AccessProviderTypeJDCloud             = AccessProviderType("jdcloud")
 	AccessProviderTypeKubernetes          = AccessProviderType("k8s")
 	AccessProviderTypeLarkBot             = AccessProviderType("larkbot")
 	AccessProviderTypeLetsEncrypt         = AccessProviderType("letsencrypt")
 	AccessProviderTypeLetsEncryptStaging  = AccessProviderType("letsencryptstaging")
-	AccessProviderTypeLeCDN               = AccessProviderType("lecdn") // LeCDN（预留）
+	AccessProviderTypeLeCDN               = AccessProviderType("lecdn")
 	AccessProviderTypeLocal               = AccessProviderType("local")
 	AccessProviderTypeMattermost          = AccessProviderType("mattermost")
 	AccessProviderTypeNamecheap           = AccessProviderType("namecheap")
@@ -64,12 +71,15 @@ const (
 	AccessProviderTypeQiniu               = AccessProviderType("qiniu")
 	AccessProviderTypeQingCloud           = AccessProviderType("qingcloud") // 青云（预留）
 	AccessProviderTypeRainYun             = AccessProviderType("rainyun")
+	AccessProviderTypeRatPanel            = AccessProviderType("ratpanel")
 	AccessProviderTypeSafeLine            = AccessProviderType("safeline")
+	AccessProviderTypeSlackBot            = AccessProviderType("slackbot")
 	AccessProviderTypeSSH                 = AccessProviderType("ssh")
 	AccessProviderTypeSSLCOM              = AccessProviderType("sslcom")
-	AccessProviderTypeTelegram            = AccessProviderType("telegram")
+	AccessProviderTypeTelegramBot         = AccessProviderType("telegrambot")
 	AccessProviderTypeTencentCloud        = AccessProviderType("tencentcloud")
 	AccessProviderTypeUCloud              = AccessProviderType("ucloud")
+	AccessProviderTypeUniCloud            = AccessProviderType("unicloud")
 	AccessProviderTypeUpyun               = AccessProviderType("upyun")
 	AccessProviderTypeVercel              = AccessProviderType("vercel")
 	AccessProviderTypeVolcEngine          = AccessProviderType("volcengine")
@@ -90,6 +100,7 @@ type CAProviderType string
 	NOTICE: If you add new constant, please keep ASCII order.
 */
 const (
+	CAProviderTypeACMECA              = CAProviderType(AccessProviderTypeACMECA)
 	CAProviderTypeBuypass             = CAProviderType(AccessProviderTypeBuypass)
 	CAProviderTypeGoogleTrustServices = CAProviderType(AccessProviderTypeGoogleTrustServices)
 	CAProviderTypeLetsEncrypt         = CAProviderType(AccessProviderTypeLetsEncrypt)
@@ -108,46 +119,54 @@ ACME DNS-01 提供商常量值。
 	NOTICE: If you add new constant, please keep ASCII order.
 */
 const (
-	ACMEDns01ProviderTypeACMEHttpReq     = ACMEDns01ProviderType(AccessProviderTypeACMEHttpReq)
-	ACMEDns01ProviderTypeAliyun          = ACMEDns01ProviderType(AccessProviderTypeAliyun) // 兼容旧值，等同于 [ACMEDns01ProviderTypeAliyunDNS]
-	ACMEDns01ProviderTypeAliyunDNS       = ACMEDns01ProviderType(AccessProviderTypeAliyun + "-dns")
-	ACMEDns01ProviderTypeAliyunESA       = ACMEDns01ProviderType(AccessProviderTypeAliyun + "-esa")
-	ACMEDns01ProviderTypeAWS             = ACMEDns01ProviderType(AccessProviderTypeAWS) // 兼容旧值，等同于 [ACMEDns01ProviderTypeAWSRoute53]
-	ACMEDns01ProviderTypeAWSRoute53      = ACMEDns01ProviderType(AccessProviderTypeAWS + "-route53")
-	ACMEDns01ProviderTypeAzure           = ACMEDns01ProviderType(AccessProviderTypeAzure) // 兼容旧值，等同于 [ACMEDns01ProviderTypeAzure]
-	ACMEDns01ProviderTypeAzureDNS        = ACMEDns01ProviderType(AccessProviderTypeAzure + "-dns")
-	ACMEDns01ProviderTypeBaiduCloud      = ACMEDns01ProviderType(AccessProviderTypeBaiduCloud) // 兼容旧值，等同于 [ACMEDns01ProviderTypeBaiduCloudDNS]
-	ACMEDns01ProviderTypeBaiduCloudDNS   = ACMEDns01ProviderType(AccessProviderTypeBaiduCloud + "-dns")
-	ACMEDns01ProviderTypeBunny           = ACMEDns01ProviderType(AccessProviderTypeBunny)
-	ACMEDns01ProviderTypeCloudflare      = ACMEDns01ProviderType(AccessProviderTypeCloudflare)
-	ACMEDns01ProviderTypeClouDNS         = ACMEDns01ProviderType(AccessProviderTypeClouDNS)
-	ACMEDns01ProviderTypeCMCCCloud       = ACMEDns01ProviderType(AccessProviderTypeCMCCCloud)
-	ACMEDns01ProviderTypeDeSEC           = ACMEDns01ProviderType(AccessProviderTypeDeSEC)
-	ACMEDns01ProviderTypeDNSLA           = ACMEDns01ProviderType(AccessProviderTypeDNSLA)
-	ACMEDns01ProviderTypeDynv6           = ACMEDns01ProviderType(AccessProviderTypeDynv6)
-	ACMEDns01ProviderTypeGcore           = ACMEDns01ProviderType(AccessProviderTypeGcore)
-	ACMEDns01ProviderTypeGname           = ACMEDns01ProviderType(AccessProviderTypeGname)
-	ACMEDns01ProviderTypeGoDaddy         = ACMEDns01ProviderType(AccessProviderTypeGoDaddy)
-	ACMEDns01ProviderTypeHuaweiCloud     = ACMEDns01ProviderType(AccessProviderTypeHuaweiCloud) // 兼容旧值，等同于 [ACMEDns01ProviderTypeHuaweiCloudDNS]
-	ACMEDns01ProviderTypeHuaweiCloudDNS  = ACMEDns01ProviderType(AccessProviderTypeHuaweiCloud + "-dns")
-	ACMEDns01ProviderTypeJDCloud         = ACMEDns01ProviderType(AccessProviderTypeJDCloud) // 兼容旧值，等同于 [ACMEDns01ProviderTypeJDCloudDNS]
-	ACMEDns01ProviderTypeJDCloudDNS      = ACMEDns01ProviderType(AccessProviderTypeJDCloud + "-dns")
-	ACMEDns01ProviderTypeNamecheap       = ACMEDns01ProviderType(AccessProviderTypeNamecheap)
-	ACMEDns01ProviderTypeNameDotCom      = ACMEDns01ProviderType(AccessProviderTypeNameDotCom)
-	ACMEDns01ProviderTypeNameSilo        = ACMEDns01ProviderType(AccessProviderTypeNameSilo)
-	ACMEDns01ProviderTypeNetcup          = ACMEDns01ProviderType(AccessProviderTypeNetcup)
-	ACMEDns01ProviderTypeNetlify         = ACMEDns01ProviderType(AccessProviderTypeNetlify)
-	ACMEDns01ProviderTypeNS1             = ACMEDns01ProviderType(AccessProviderTypeNS1)
-	ACMEDns01ProviderTypePorkbun         = ACMEDns01ProviderType(AccessProviderTypePorkbun)
-	ACMEDns01ProviderTypePowerDNS        = ACMEDns01ProviderType(AccessProviderTypePowerDNS)
-	ACMEDns01ProviderTypeRainYun         = ACMEDns01ProviderType(AccessProviderTypeRainYun)
-	ACMEDns01ProviderTypeTencentCloud    = ACMEDns01ProviderType(AccessProviderTypeTencentCloud) // 兼容旧值，等同于 [ACMEDns01ProviderTypeTencentCloudDNS]
-	ACMEDns01ProviderTypeTencentCloudDNS = ACMEDns01ProviderType(AccessProviderTypeTencentCloud + "-dns")
-	ACMEDns01ProviderTypeTencentCloudEO  = ACMEDns01ProviderType(AccessProviderTypeTencentCloud + "-eo")
-	ACMEDns01ProviderTypeVercel          = ACMEDns01ProviderType(AccessProviderTypeVercel)
-	ACMEDns01ProviderTypeVolcEngine      = ACMEDns01ProviderType(AccessProviderTypeVolcEngine) // 兼容旧值，等同于 [ACMEDns01ProviderTypeVolcEngineDNS]
-	ACMEDns01ProviderTypeVolcEngineDNS   = ACMEDns01ProviderType(AccessProviderTypeVolcEngine + "-dns")
-	ACMEDns01ProviderTypeWestcn          = ACMEDns01ProviderType(AccessProviderTypeWestcn)
+	ACMEDns01ProviderTypeACMEHttpReq       = ACMEDns01ProviderType(AccessProviderTypeACMEHttpReq)
+	ACMEDns01ProviderTypeAliyun            = ACMEDns01ProviderType(AccessProviderTypeAliyun) // 兼容旧值，等同于 [ACMEDns01ProviderTypeAliyunDNS]
+	ACMEDns01ProviderTypeAliyunDNS         = ACMEDns01ProviderType(AccessProviderTypeAliyun + "-dns")
+	ACMEDns01ProviderTypeAliyunESA         = ACMEDns01ProviderType(AccessProviderTypeAliyun + "-esa")
+	ACMEDns01ProviderTypeAWS               = ACMEDns01ProviderType(AccessProviderTypeAWS) // 兼容旧值，等同于 [ACMEDns01ProviderTypeAWSRoute53]
+	ACMEDns01ProviderTypeAWSRoute53        = ACMEDns01ProviderType(AccessProviderTypeAWS + "-route53")
+	ACMEDns01ProviderTypeAzure             = ACMEDns01ProviderType(AccessProviderTypeAzure) // 兼容旧值，等同于 [ACMEDns01ProviderTypeAzure]
+	ACMEDns01ProviderTypeAzureDNS          = ACMEDns01ProviderType(AccessProviderTypeAzure + "-dns")
+	ACMEDns01ProviderTypeBaiduCloud        = ACMEDns01ProviderType(AccessProviderTypeBaiduCloud) // 兼容旧值，等同于 [ACMEDns01ProviderTypeBaiduCloudDNS]
+	ACMEDns01ProviderTypeBaiduCloudDNS     = ACMEDns01ProviderType(AccessProviderTypeBaiduCloud + "-dns")
+	ACMEDns01ProviderTypeBunny             = ACMEDns01ProviderType(AccessProviderTypeBunny)
+	ACMEDns01ProviderTypeCloudflare        = ACMEDns01ProviderType(AccessProviderTypeCloudflare)
+	ACMEDns01ProviderTypeClouDNS           = ACMEDns01ProviderType(AccessProviderTypeClouDNS)
+	ACMEDns01ProviderTypeCMCCCloud         = ACMEDns01ProviderType(AccessProviderTypeCMCCCloud) // 兼容旧值，等同于 [ACMEDns01ProviderTypeCMCCCloudDNS]
+	ACMEDns01ProviderTypeCMCCCloudDNS      = ACMEDns01ProviderType(AccessProviderTypeCMCCCloud + "-dns")
+	ACMEDns01ProviderTypeConstellix        = ACMEDns01ProviderType(AccessProviderTypeConstellix)
+	ACMEDns01ProviderTypeCTCCCloud         = ACMEDns01ProviderType(AccessProviderTypeCTCCCloud) // 兼容旧值，等同于 [ACMEDns01ProviderTypeCTCCCloudSmartDNS]
+	ACMEDns01ProviderTypeCTCCCloudSmartDNS = ACMEDns01ProviderType(AccessProviderTypeCTCCCloud + "-smartdns")
+	ACMEDns01ProviderTypeDeSEC             = ACMEDns01ProviderType(AccessProviderTypeDeSEC)
+	ACMEDns01ProviderTypeDigitalOcean      = ACMEDns01ProviderType(AccessProviderTypeDigitalOcean)
+	ACMEDns01ProviderTypeDNSLA             = ACMEDns01ProviderType(AccessProviderTypeDNSLA)
+	ACMEDns01ProviderTypeDuckDNS           = ACMEDns01ProviderType(AccessProviderTypeDuckDNS)
+	ACMEDns01ProviderTypeDynv6             = ACMEDns01ProviderType(AccessProviderTypeDynv6)
+	ACMEDns01ProviderTypeGcore             = ACMEDns01ProviderType(AccessProviderTypeGcore)
+	ACMEDns01ProviderTypeGname             = ACMEDns01ProviderType(AccessProviderTypeGname)
+	ACMEDns01ProviderTypeGoDaddy           = ACMEDns01ProviderType(AccessProviderTypeGoDaddy)
+	ACMEDns01ProviderTypeHetzner           = ACMEDns01ProviderType(AccessProviderTypeHetzner)
+	ACMEDns01ProviderTypeHuaweiCloud       = ACMEDns01ProviderType(AccessProviderTypeHuaweiCloud) // 兼容旧值，等同于 [ACMEDns01ProviderTypeHuaweiCloudDNS]
+	ACMEDns01ProviderTypeHuaweiCloudDNS    = ACMEDns01ProviderType(AccessProviderTypeHuaweiCloud + "-dns")
+	ACMEDns01ProviderTypeJDCloud           = ACMEDns01ProviderType(AccessProviderTypeJDCloud) // 兼容旧值，等同于 [ACMEDns01ProviderTypeJDCloudDNS]
+	ACMEDns01ProviderTypeJDCloudDNS        = ACMEDns01ProviderType(AccessProviderTypeJDCloud + "-dns")
+	ACMEDns01ProviderTypeNamecheap         = ACMEDns01ProviderType(AccessProviderTypeNamecheap)
+	ACMEDns01ProviderTypeNameDotCom        = ACMEDns01ProviderType(AccessProviderTypeNameDotCom)
+	ACMEDns01ProviderTypeNameSilo          = ACMEDns01ProviderType(AccessProviderTypeNameSilo)
+	ACMEDns01ProviderTypeNetcup            = ACMEDns01ProviderType(AccessProviderTypeNetcup)
+	ACMEDns01ProviderTypeNetlify           = ACMEDns01ProviderType(AccessProviderTypeNetlify)
+	ACMEDns01ProviderTypeNS1               = ACMEDns01ProviderType(AccessProviderTypeNS1)
+	ACMEDns01ProviderTypePorkbun           = ACMEDns01ProviderType(AccessProviderTypePorkbun)
+	ACMEDns01ProviderTypePowerDNS          = ACMEDns01ProviderType(AccessProviderTypePowerDNS)
+	ACMEDns01ProviderTypeRainYun           = ACMEDns01ProviderType(AccessProviderTypeRainYun)
+	ACMEDns01ProviderTypeTencentCloud      = ACMEDns01ProviderType(AccessProviderTypeTencentCloud) // 兼容旧值，等同于 [ACMEDns01ProviderTypeTencentCloudDNS]
+	ACMEDns01ProviderTypeTencentCloudDNS   = ACMEDns01ProviderType(AccessProviderTypeTencentCloud + "-dns")
+	ACMEDns01ProviderTypeTencentCloudEO    = ACMEDns01ProviderType(AccessProviderTypeTencentCloud + "-eo")
+	ACMEDns01ProviderTypeUCloudUDNR        = ACMEDns01ProviderType(AccessProviderTypeUCloud + "-udnr")
+	ACMEDns01ProviderTypeVercel            = ACMEDns01ProviderType(AccessProviderTypeVercel)
+	ACMEDns01ProviderTypeVolcEngine        = ACMEDns01ProviderType(AccessProviderTypeVolcEngine) // 兼容旧值，等同于 [ACMEDns01ProviderTypeVolcEngineDNS]
+	ACMEDns01ProviderTypeVolcEngineDNS     = ACMEDns01ProviderType(AccessProviderTypeVolcEngine + "-dns")
+	ACMEDns01ProviderTypeWestcn            = ACMEDns01ProviderType(AccessProviderTypeWestcn)
 )
 
 type DeploymentProviderType string
@@ -172,14 +191,16 @@ const (
 	DeploymentProviderTypeAliyunDDoS            = DeploymentProviderType(AccessProviderTypeAliyun + "-ddos")
 	DeploymentProviderTypeAliyunESA             = DeploymentProviderType(AccessProviderTypeAliyun + "-esa")
 	DeploymentProviderTypeAliyunFC              = DeploymentProviderType(AccessProviderTypeAliyun + "-fc")
-	DeploymentProviderTypeAliyunGA              = DeploymentProviderType(AccessProviderTypeAliyun + "-ga") // 阿里云全球加速（预留）
+	DeploymentProviderTypeAliyunGA              = DeploymentProviderType(AccessProviderTypeAliyun + "-ga")
 	DeploymentProviderTypeAliyunLive            = DeploymentProviderType(AccessProviderTypeAliyun + "-live")
 	DeploymentProviderTypeAliyunNLB             = DeploymentProviderType(AccessProviderTypeAliyun + "-nlb")
 	DeploymentProviderTypeAliyunOSS             = DeploymentProviderType(AccessProviderTypeAliyun + "-oss")
 	DeploymentProviderTypeAliyunVOD             = DeploymentProviderType(AccessProviderTypeAliyun + "-vod")
 	DeploymentProviderTypeAliyunWAF             = DeploymentProviderType(AccessProviderTypeAliyun + "-waf")
+	DeploymentProviderTypeAPISIX                = DeploymentProviderType(AccessProviderTypeAWS + "-apisix")
 	DeploymentProviderTypeAWSACM                = DeploymentProviderType(AccessProviderTypeAWS + "-acm")
 	DeploymentProviderTypeAWSCloudFront         = DeploymentProviderType(AccessProviderTypeAWS + "-cloudfront")
+	DeploymentProviderTypeAWSIAM                = DeploymentProviderType(AccessProviderTypeAWS + "-iam")
 	DeploymentProviderTypeAzureKeyVault         = DeploymentProviderType(AccessProviderTypeAzure + "-keyvault")
 	DeploymentProviderTypeBaiduCloudAppBLB      = DeploymentProviderType(AccessProviderTypeBaiduCloud + "-appblb")
 	DeploymentProviderTypeBaiduCloudBLB         = DeploymentProviderType(AccessProviderTypeBaiduCloud + "-blb")
@@ -188,13 +209,21 @@ const (
 	DeploymentProviderTypeBaishanCDN            = DeploymentProviderType(AccessProviderTypeBaishan + "-cdn")
 	DeploymentProviderTypeBaotaPanelConsole     = DeploymentProviderType(AccessProviderTypeBaotaPanel + "-console")
 	DeploymentProviderTypeBaotaPanelSite        = DeploymentProviderType(AccessProviderTypeBaotaPanel + "-site")
+	DeploymentProviderTypeBaotaWAFConsole       = DeploymentProviderType(AccessProviderTypeBaotaWAF + "-console")
+	DeploymentProviderTypeBaotaWAFSite          = DeploymentProviderType(AccessProviderTypeBaotaWAF + "-site")
 	DeploymentProviderTypeBunnyCDN              = DeploymentProviderType(AccessProviderTypeBunny + "-cdn")
 	DeploymentProviderTypeBytePlusCDN           = DeploymentProviderType(AccessProviderTypeBytePlus + "-cdn")
 	DeploymentProviderTypeCacheFly              = DeploymentProviderType(AccessProviderTypeCacheFly)
 	DeploymentProviderTypeCdnfly                = DeploymentProviderType(AccessProviderTypeCdnfly)
+	DeploymentProviderTypeCTCCCloudAO           = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-ao")
+	DeploymentProviderTypeCTCCCloudCDN          = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-cdn")
+	DeploymentProviderTypeCTCCCloudCMS          = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-cms")
+	DeploymentProviderTypeCTCCCloudELB          = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-elb")
+	DeploymentProviderTypeCTCCCloudICDN         = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-icdn")
+	DeploymentProviderTypeCTCCCloudLVDN         = DeploymentProviderType(AccessProviderTypeCTCCCloud + "-ldvn")
 	DeploymentProviderTypeDogeCloudCDN          = DeploymentProviderType(AccessProviderTypeDogeCloud + "-cdn")
 	DeploymentProviderTypeEdgioApplications     = DeploymentProviderType(AccessProviderTypeEdgio + "-applications")
-	DeploymentProviderTypeFlexCDN               = DeploymentProviderType(AccessProviderTypeFlexCDN) // FlexCDN（预留）
+	DeploymentProviderTypeFlexCDN               = DeploymentProviderType(AccessProviderTypeFlexCDN)
 	DeploymentProviderTypeGcoreCDN              = DeploymentProviderType(AccessProviderTypeGcore + "-cdn")
 	DeploymentProviderTypeGoEdge                = DeploymentProviderType(AccessProviderTypeGoEdge)
 	DeploymentProviderTypeHuaweiCloudCDN        = DeploymentProviderType(AccessProviderTypeHuaweiCloud + "-cdn")
@@ -206,7 +235,7 @@ const (
 	DeploymentProviderTypeJDCloudLive           = DeploymentProviderType(AccessProviderTypeJDCloud + "-live")
 	DeploymentProviderTypeJDCloudVOD            = DeploymentProviderType(AccessProviderTypeJDCloud + "-vod")
 	DeploymentProviderTypeKubernetesSecret      = DeploymentProviderType(AccessProviderTypeKubernetes + "-secret")
-	DeploymentProviderTypeLeCDN                 = DeploymentProviderType(AccessProviderTypeLeCDN) // LeCDN（预留）
+	DeploymentProviderTypeLeCDN                 = DeploymentProviderType(AccessProviderTypeLeCDN)
 	DeploymentProviderTypeLocal                 = DeploymentProviderType(AccessProviderTypeLocal)
 	DeploymentProviderTypeNetlifySite           = DeploymentProviderType(AccessProviderTypeNetlify + "-site")
 	DeploymentProviderTypeProxmoxVE             = DeploymentProviderType(AccessProviderTypeProxmoxVE)
@@ -214,6 +243,8 @@ const (
 	DeploymentProviderTypeQiniuKodo             = DeploymentProviderType(AccessProviderTypeQiniu + "-kodo")
 	DeploymentProviderTypeQiniuPili             = DeploymentProviderType(AccessProviderTypeQiniu + "-pili")
 	DeploymentProviderTypeRainYunRCDN           = DeploymentProviderType(AccessProviderTypeRainYun + "-rcdn")
+	DeploymentProviderTypeRatPanelConsole       = DeploymentProviderType(AccessProviderTypeRatPanel + "-console")
+	DeploymentProviderTypeRatPanelSite          = DeploymentProviderType(AccessProviderTypeRatPanel + "-site")
 	DeploymentProviderTypeSafeLine              = DeploymentProviderType(AccessProviderTypeSafeLine)
 	DeploymentProviderTypeSSH                   = DeploymentProviderType(AccessProviderTypeSSH)
 	DeploymentProviderTypeTencentCloudCDN       = DeploymentProviderType(AccessProviderTypeTencentCloud + "-cdn")
@@ -222,6 +253,7 @@ const (
 	DeploymentProviderTypeTencentCloudCSS       = DeploymentProviderType(AccessProviderTypeTencentCloud + "-css")
 	DeploymentProviderTypeTencentCloudECDN      = DeploymentProviderType(AccessProviderTypeTencentCloud + "-ecdn")
 	DeploymentProviderTypeTencentCloudEO        = DeploymentProviderType(AccessProviderTypeTencentCloud + "-eo")
+	DeploymentProviderTypeTencentCloudGAAP      = DeploymentProviderType(AccessProviderTypeTencentCloud + "-gaap")
 	DeploymentProviderTypeTencentCloudSCF       = DeploymentProviderType(AccessProviderTypeTencentCloud + "-scf")
 	DeploymentProviderTypeTencentCloudSSL       = DeploymentProviderType(AccessProviderTypeTencentCloud + "-ssl")
 	DeploymentProviderTypeTencentCloudSSLDeploy = DeploymentProviderType(AccessProviderTypeTencentCloud + "-ssldeploy")
@@ -229,6 +261,7 @@ const (
 	DeploymentProviderTypeTencentCloudWAF       = DeploymentProviderType(AccessProviderTypeTencentCloud + "-waf")
 	DeploymentProviderTypeUCloudUCDN            = DeploymentProviderType(AccessProviderTypeUCloud + "-ucdn")
 	DeploymentProviderTypeUCloudUS3             = DeploymentProviderType(AccessProviderTypeUCloud + "-us3")
+	DeploymentProviderTypeUniCloudWebHost       = DeploymentProviderType(AccessProviderTypeUniCloud + "-webhost")
 	DeploymentProviderTypeUpyunCDN              = DeploymentProviderType(AccessProviderTypeUpyun + "-cdn")
 	DeploymentProviderTypeUpyunFile             = DeploymentProviderType(AccessProviderTypeUpyun + "-file")
 	DeploymentProviderTypeVolcEngineALB         = DeploymentProviderType(AccessProviderTypeVolcEngine + "-alb")
@@ -239,9 +272,9 @@ const (
 	DeploymentProviderTypeVolcEngineImageX      = DeploymentProviderType(AccessProviderTypeVolcEngine + "-imagex")
 	DeploymentProviderTypeVolcEngineLive        = DeploymentProviderType(AccessProviderTypeVolcEngine + "-live")
 	DeploymentProviderTypeVolcEngineTOS         = DeploymentProviderType(AccessProviderTypeVolcEngine + "-tos")
-	DeploymentProviderTypeWangsuCDN             = DeploymentProviderType(AccessProviderTypeWangsu + "-cdn") // 网宿 CDN（预留）
+	DeploymentProviderTypeWangsuCDN             = DeploymentProviderType(AccessProviderTypeWangsu + "-cdn")
 	DeploymentProviderTypeWangsuCDNPro          = DeploymentProviderType(AccessProviderTypeWangsu + "-cdnpro")
-	DeploymentProviderTypeWangsuCert            = DeploymentProviderType(AccessProviderTypeWangsu + "-cert") // 网宿证书管理（预留）
+	DeploymentProviderTypeWangsuCertificate     = DeploymentProviderType(AccessProviderTypeWangsu + "-certificate")
 	DeploymentProviderTypeWebhook               = DeploymentProviderType(AccessProviderTypeWebhook)
 )
 
@@ -256,10 +289,12 @@ type NotificationProviderType string
 */
 const (
 	NotificationProviderTypeDingTalkBot = NotificationProviderType(AccessProviderTypeDingTalkBot)
+	NotificationProviderTypeDiscordBot  = NotificationProviderType(AccessProviderTypeDiscordBot)
 	NotificationProviderTypeEmail       = NotificationProviderType(AccessProviderTypeEmail)
 	NotificationProviderTypeLarkBot     = NotificationProviderType(AccessProviderTypeLarkBot)
 	NotificationProviderTypeMattermost  = NotificationProviderType(AccessProviderTypeMattermost)
-	NotificationProviderTypeTelegram    = NotificationProviderType(AccessProviderTypeTelegram)
+	NotificationProviderTypeSlackBot    = NotificationProviderType(AccessProviderTypeSlackBot)
+	NotificationProviderTypeTelegramBot = NotificationProviderType(AccessProviderTypeTelegramBot)
 	NotificationProviderTypeWebhook     = NotificationProviderType(AccessProviderTypeWebhook)
 	NotificationProviderTypeWeComBot    = NotificationProviderType(AccessProviderTypeWeComBot)
 )

internal/domain/workflow.go

@@ -1,9 +1,11 @@
 package domain
 
 import (
+	"encoding/json"
 	"time"
 
-	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
+	"github.com/certimate-go/certimate/internal/domain/expr"
+	xmaps "github.com/certimate-go/certimate/pkg/utils/maps"
 )
 
 const CollectionNameWorkflow = "workflow"
@@ -30,6 +32,7 @@ const (
 	WorkflowNodeTypeEnd                 = WorkflowNodeType("end")
 	WorkflowNodeTypeApply               = WorkflowNodeType("apply")
 	WorkflowNodeTypeUpload              = WorkflowNodeType("upload")
+	WorkflowNodeTypeMonitor             = WorkflowNodeType("monitor")
 	WorkflowNodeTypeDeploy              = WorkflowNodeType("deploy")
 	WorkflowNodeTypeNotify              = WorkflowNodeType("notify")
 	WorkflowNodeTypeBranch              = WorkflowNodeType("branch")
@@ -68,23 +71,30 @@ type WorkflowNodeConfigForApply struct {
 	Provider              string         `json:"provider"`                        // DNS 提供商
 	ProviderAccessId      string         `json:"providerAccessId"`                // DNS 提供商授权记录 ID
 	ProviderConfig        map[string]any `json:"providerConfig"`                  // DNS 提供商额外配置
-	CAProvider            string         `json:"caProvider,omitempty"`            // CA 提供商（零值将使用全局配置）
+	CAProvider            string         `json:"caProvider,omitempty"`            // CA 提供商（零值时使用全局配置）
 	CAProviderAccessId    string         `json:"caProviderAccessId,omitempty"`    // CA 提供商授权记录 ID
 	CAProviderConfig      map[string]any `json:"caProviderConfig,omitempty"`      // CA 提供商额外配置
 	KeyAlgorithm          string         `json:"keyAlgorithm"`                    // 证书算法
 	Nameservers           string         `json:"nameservers,omitempty"`           // DNS 服务器列表，以半角分号分隔
 	DnsPropagationWait    int32          `json:"dnsPropagationWait,omitempty"`    // DNS 传播等待时间，等同于 lego 的 `--dns-propagation-wait` 参数
-	DnsPropagationTimeout int32          `json:"dnsPropagationTimeout,omitempty"` // DNS 传播检查超时时间（零值取决于提供商的默认值）
-	DnsTTL                int32          `json:"dnsTTL,omitempty"`                // DNS 解析记录 TTL（零值取决于提供商的默认值）
+	DnsPropagationTimeout int32          `json:"dnsPropagationTimeout,omitempty"` // DNS 传播检查超时时间（零值时使用提供商的默认值）
+	DnsTTL                int32          `json:"dnsTTL,omitempty"`                // DNS 解析记录 TTL（零值时使用提供商的默认值）
 	DisableFollowCNAME    bool           `json:"disableFollowCNAME,omitempty"`    // 是否关闭 CNAME 跟随
 	DisableARI            bool           `json:"disableARI,omitempty"`            // 是否关闭 ARI
-	SkipBeforeExpiryDays  int32          `json:"skipBeforeExpiryDays,omitempty"`  // 证书到期前多少天前跳过续期（零值将使用默认值 30）
+	SkipBeforeExpiryDays  int32          `json:"skipBeforeExpiryDays,omitempty"`  // 证书到期前多少天前跳过续期（零值时默认值 30）
 }
 
 type WorkflowNodeConfigForUpload struct {
-	Certificate string `json:"certificate"`
-	PrivateKey  string `json:"privateKey"`
-	Domains     string `json:"domains"`
+	Certificate string `json:"certificate"` // 证书 PEM 内容
+	PrivateKey  string `json:"privateKey"`  // 私钥 PEM 内容
+	Domains     string `json:"domains,omitempty"`
+}
+
+type WorkflowNodeConfigForMonitor struct {
+	Host        string `json:"host"`                  // 主机地址
+	Port        int32  `json:"port,omitempty"`        // 端口（零值时默认值 443）
+	Domain      string `json:"domain,omitempty"`      // 域名（零值时默认值 [Host]）
+	RequestPath string `json:"requestPath,omitempty"` // 请求路径
 }
 
 type WorkflowNodeConfigForDeploy struct {
@@ -96,66 +106,94 @@ type WorkflowNodeConfigForDeploy struct {
 }
 
 type WorkflowNodeConfigForNotify struct {
-	Channel          string         `json:"channel,omitempty"`        // Deprecated: v0.4.x 将废弃
-	Provider         string         `json:"provider"`                 // 通知提供商
-	ProviderAccessId string         `json:"providerAccessId"`         // 通知提供商授权记录 ID
-	ProviderConfig   map[string]any `json:"providerConfig,omitempty"` // 通知提供商额外配置
-	Subject          string         `json:"subject"`                  // 通知主题
-	Message          string         `json:"message"`                  // 通知内容
+	Channel              string         `json:"channel,omitempty"`        // Deprecated: v0.4.x 将废弃
+	Provider             string         `json:"provider"`                 // 通知提供商
+	ProviderAccessId     string         `json:"providerAccessId"`         // 通知提供商授权记录 ID
+	ProviderConfig       map[string]any `json:"providerConfig,omitempty"` // 通知提供商额外配置
+	Subject              string         `json:"subject"`                  // 通知主题
+	Message              string         `json:"message"`                  // 通知内容
+	SkipOnAllPrevSkipped bool           `json:"skipOnAllPrevSkipped"`     // 前序节点均已跳过时是否跳过
+}
+
+type WorkflowNodeConfigForCondition struct {
+	Expression expr.Expr `json:"expression"` // 条件表达式
 }
 
 func (n *WorkflowNode) GetConfigForApply() WorkflowNodeConfigForApply {
-	skipBeforeExpiryDays := maputil.GetInt32(n.Config, "skipBeforeExpiryDays")
-	if skipBeforeExpiryDays == 0 {
-		skipBeforeExpiryDays = 30
-	}
-
 	return WorkflowNodeConfigForApply{
-		Domains:               maputil.GetString(n.Config, "domains"),
-		ContactEmail:          maputil.GetString(n.Config, "contactEmail"),
-		Provider:              maputil.GetString(n.Config, "provider"),
-		ProviderAccessId:      maputil.GetString(n.Config, "providerAccessId"),
-		ProviderConfig:        maputil.GetKVMapAny(n.Config, "providerConfig"),
-		CAProvider:            maputil.GetString(n.Config, "caProvider"),
-		CAProviderAccessId:    maputil.GetString(n.Config, "caProviderAccessId"),
-		CAProviderConfig:      maputil.GetKVMapAny(n.Config, "caProviderConfig"),
-		KeyAlgorithm:          maputil.GetString(n.Config, "keyAlgorithm"),
-		Nameservers:           maputil.GetString(n.Config, "nameservers"),
-		DnsPropagationWait:    maputil.GetInt32(n.Config, "dnsPropagationWait"),
-		DnsPropagationTimeout: maputil.GetInt32(n.Config, "dnsPropagationTimeout"),
-		DnsTTL:                maputil.GetInt32(n.Config, "dnsTTL"),
-		DisableFollowCNAME:    maputil.GetBool(n.Config, "disableFollowCNAME"),
-		DisableARI:            maputil.GetBool(n.Config, "disableARI"),
-		SkipBeforeExpiryDays:  skipBeforeExpiryDays,
+		Domains:               xmaps.GetString(n.Config, "domains"),
+		ContactEmail:          xmaps.GetString(n.Config, "contactEmail"),
+		Provider:              xmaps.GetString(n.Config, "provider"),
+		ProviderAccessId:      xmaps.GetString(n.Config, "providerAccessId"),
+		ProviderConfig:        xmaps.GetKVMapAny(n.Config, "providerConfig"),
+		CAProvider:            xmaps.GetString(n.Config, "caProvider"),
+		CAProviderAccessId:    xmaps.GetString(n.Config, "caProviderAccessId"),
+		CAProviderConfig:      xmaps.GetKVMapAny(n.Config, "caProviderConfig"),
+		KeyAlgorithm:          xmaps.GetOrDefaultString(n.Config, "keyAlgorithm", string(CertificateKeyAlgorithmTypeRSA2048)),
+		Nameservers:           xmaps.GetString(n.Config, "nameservers"),
+		DnsPropagationWait:    xmaps.GetInt32(n.Config, "dnsPropagationWait"),
+		DnsPropagationTimeout: xmaps.GetInt32(n.Config, "dnsPropagationTimeout"),
+		DnsTTL:                xmaps.GetInt32(n.Config, "dnsTTL"),
+		DisableFollowCNAME:    xmaps.GetBool(n.Config, "disableFollowCNAME"),
+		DisableARI:            xmaps.GetBool(n.Config, "disableARI"),
+		SkipBeforeExpiryDays:  xmaps.GetOrDefaultInt32(n.Config, "skipBeforeExpiryDays", 30),
 	}
 }
 
 func (n *WorkflowNode) GetConfigForUpload() WorkflowNodeConfigForUpload {
 	return WorkflowNodeConfigForUpload{
-		Certificate: maputil.GetString(n.Config, "certificate"),
-		PrivateKey:  maputil.GetString(n.Config, "privateKey"),
-		Domains:     maputil.GetString(n.Config, "domains"),
+		Certificate: xmaps.GetString(n.Config, "certificate"),
+		PrivateKey:  xmaps.GetString(n.Config, "privateKey"),
+		Domains:     xmaps.GetString(n.Config, "domains"),
+	}
+}
+
+func (n *WorkflowNode) GetConfigForMonitor() WorkflowNodeConfigForMonitor {
+	host := xmaps.GetString(n.Config, "host")
+	return WorkflowNodeConfigForMonitor{
+		Host:        host,
+		Port:        xmaps.GetOrDefaultInt32(n.Config, "port", 443),
+		Domain:      xmaps.GetOrDefaultString(n.Config, "domain", host),
+		RequestPath: xmaps.GetString(n.Config, "path"),
 	}
 }
 
 func (n *WorkflowNode) GetConfigForDeploy() WorkflowNodeConfigForDeploy {
 	return WorkflowNodeConfigForDeploy{
-		Certificate:         maputil.GetString(n.Config, "certificate"),
-		Provider:            maputil.GetString(n.Config, "provider"),
-		ProviderAccessId:    maputil.GetString(n.Config, "providerAccessId"),
-		ProviderConfig:      maputil.GetKVMapAny(n.Config, "providerConfig"),
-		SkipOnLastSucceeded: maputil.GetBool(n.Config, "skipOnLastSucceeded"),
+		Certificate:         xmaps.GetString(n.Config, "certificate"),
+		Provider:            xmaps.GetString(n.Config, "provider"),
+		ProviderAccessId:    xmaps.GetString(n.Config, "providerAccessId"),
+		ProviderConfig:      xmaps.GetKVMapAny(n.Config, "providerConfig"),
+		SkipOnLastSucceeded: xmaps.GetBool(n.Config, "skipOnLastSucceeded"),
 	}
 }
 
 func (n *WorkflowNode) GetConfigForNotify() WorkflowNodeConfigForNotify {
 	return WorkflowNodeConfigForNotify{
-		Channel:          maputil.GetString(n.Config, "channel"),
-		Provider:         maputil.GetString(n.Config, "provider"),
-		ProviderAccessId: maputil.GetString(n.Config, "providerAccessId"),
-		ProviderConfig:   maputil.GetKVMapAny(n.Config, "providerConfig"),
-		Subject:          maputil.GetString(n.Config, "subject"),
-		Message:          maputil.GetString(n.Config, "message"),
+		Channel:              xmaps.GetString(n.Config, "channel"),
+		Provider:             xmaps.GetString(n.Config, "provider"),
+		ProviderAccessId:     xmaps.GetString(n.Config, "providerAccessId"),
+		ProviderConfig:       xmaps.GetKVMapAny(n.Config, "providerConfig"),
+		Subject:              xmaps.GetString(n.Config, "subject"),
+		Message:              xmaps.GetString(n.Config, "message"),
+		SkipOnAllPrevSkipped: xmaps.GetBool(n.Config, "skipOnAllPrevSkipped"),
+	}
+}
+
+func (n *WorkflowNode) GetConfigForCondition() WorkflowNodeConfigForCondition {
+	expression := n.Config["expression"]
+	if expression == nil {
+		return WorkflowNodeConfigForCondition{}
+	}
+
+	exprRaw, _ := json.Marshal(expression)
+	expr, err := expr.UnmarshalExpr([]byte(exprRaw))
+	if err != nil {
+		return WorkflowNodeConfigForCondition{}
+	}
+
+	return WorkflowNodeConfigForCondition{
+		Expression: expr,
 	}
 }
 
@@ -168,9 +206,6 @@ type WorkflowNodeIO struct {
 	ValueSelector WorkflowNodeIOValueSelector `json:"valueSelector"`
 }
 
-type WorkflowNodeIOValueSelector struct {
-	Id   string `json:"id"`
-	Name string `json:"name"`
-}
+type WorkflowNodeIOValueSelector = expr.ExprValueSelector
 
 const WorkflowNodeIONameCertificate string = "certificate"

internal/notify/notifier.go

@@ -5,9 +5,9 @@ import (
 	"fmt"
 	"log/slog"
 
-	"github.com/usual2970/certimate/internal/domain"
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-	"github.com/usual2970/certimate/internal/repository"
+	"github.com/certimate-go/certimate/internal/domain"
+	"github.com/certimate-go/certimate/internal/repository"
+	"github.com/certimate-go/certimate/pkg/core"
 )
 
 type Notifier interface {
@@ -29,37 +29,39 @@ func NewWithWorkflowNode(config NotifierWithWorkflowNodeConfig) (Notifier, error
 		return nil, fmt.Errorf("node type is not '%s'", string(domain.WorkflowNodeTypeNotify))
 	}
 
-	nodeConfig := config.Node.GetConfigForNotify()
+	nodeCfg := config.Node.GetConfigForNotify()
 	options := &notifierProviderOptions{
-		Provider:               domain.NotificationProviderType(nodeConfig.Provider),
-		ProviderAccessConfig:   make(map[string]any),
-		ProviderExtendedConfig: nodeConfig.ProviderConfig,
+		Provider:              domain.NotificationProviderType(nodeCfg.Provider),
+		ProviderAccessConfig:  make(map[string]any),
+		ProviderServiceConfig: nodeCfg.ProviderConfig,
 	}
 
 	accessRepo := repository.NewAccessRepository()
-	if nodeConfig.ProviderAccessId != "" {
-		access, err := accessRepo.GetById(context.Background(), nodeConfig.ProviderAccessId)
+	if nodeCfg.ProviderAccessId != "" {
+		access, err := accessRepo.GetById(context.Background(), nodeCfg.ProviderAccessId)
 		if err != nil {
-			return nil, fmt.Errorf("failed to get access #%s record: %w", nodeConfig.ProviderAccessId, err)
+			return nil, fmt.Errorf("failed to get access #%s record: %w", nodeCfg.ProviderAccessId, err)
 		} else {
 			options.ProviderAccessConfig = access.Config
 		}
 	}
 
-	notifierProvider, err := createNotifierProvider(options)
+	notifier, err := createNotifierProvider(options)
 	if err != nil {
 		return nil, err
+	} else {
+		notifier.SetLogger(config.Logger)
 	}
 
 	return &notifierImpl{
-		provider: notifierProvider.WithLogger(config.Logger),
+		provider: notifier,
 		subject:  config.Subject,
 		message:  config.Message,
 	}, nil
 }
 
 type notifierImpl struct {
-	provider notifier.Notifier
+	provider core.Notifier
 	subject  string
 	message  string
 }

internal/notify/notify.go

@@ -7,10 +7,10 @@ import (
 
 	"golang.org/x/sync/errgroup"
 
-	"github.com/usual2970/certimate/internal/domain"
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
-	"github.com/usual2970/certimate/internal/repository"
+	"github.com/certimate-go/certimate/internal/domain"
+	"github.com/certimate-go/certimate/internal/repository"
+	"github.com/certimate-go/certimate/pkg/core"
+	xmaps "github.com/certimate-go/certimate/pkg/utils/maps"
 )
 
 // Deprecated: v0.4.x 将废弃
@@ -51,7 +51,7 @@ func SendToChannel(subject, message string, channel string, channelConfig map[st
 }
 
 // Deprecated: v0.4.x 将废弃
-func getEnabledNotifiers() ([]notifier.Notifier, error) {
+func getEnabledNotifiers() ([]core.Notifier, error) {
 	settingsRepo := repository.NewSettingsRepository()
 	settings, err := settingsRepo.GetByName(context.Background(), "notifyChannels")
 	if err != nil {
@@ -63,9 +63,9 @@ func getEnabledNotifiers() ([]notifier.Notifier, error) {
 		return nil, fmt.Errorf("unmarshal notifyChannels error: %w", err)
 	}
 
-	notifiers := make([]notifier.Notifier, 0)
+	notifiers := make([]core.Notifier, 0)
 	for k, v := range rs {
-		if !maputil.GetBool(v, "enabled") {
+		if !xmaps.GetBool(v, "enabled") {
 			continue
 		}
 

internal/notify/providers.go

@@ -4,26 +4,28 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/usual2970/certimate/internal/domain"
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-	pDingTalk "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/dingtalk"
-	pEmail "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/email"
-	pLark "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/lark"
-	pMattermost "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/mattermost"
-	pTelegram "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegram"
-	pWebhook "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook"
-	pWeCom "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecom"
-	httputil "github.com/usual2970/certimate/internal/pkg/utils/http"
-	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
+	"github.com/certimate-go/certimate/internal/domain"
+	"github.com/certimate-go/certimate/pkg/core"
+	pDingTalkBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/dingtalkbot"
+	pDiscordBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/discordbot"
+	pEmail "github.com/certimate-go/certimate/pkg/core/notifier/providers/email"
+	pLarkBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/larkbot"
+	pMattermost "github.com/certimate-go/certimate/pkg/core/notifier/providers/mattermost"
+	pSlackBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/slackbot"
+	pTelegramBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/telegrambot"
+	pWebhook "github.com/certimate-go/certimate/pkg/core/notifier/providers/webhook"
+	pWeComBot "github.com/certimate-go/certimate/pkg/core/notifier/providers/wecombot"
+	xhttp "github.com/certimate-go/certimate/pkg/utils/http"
+	xmaps "github.com/certimate-go/certimate/pkg/utils/maps"
 )
 
 type notifierProviderOptions struct {
-	Provider               domain.NotificationProviderType
-	ProviderAccessConfig   map[string]any
-	ProviderExtendedConfig map[string]any
+	Provider              domain.NotificationProviderType
+	ProviderAccessConfig  map[string]any
+	ProviderServiceConfig map[string]any
 }
 
-func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier, error) {
+func createNotifierProvider(options *notifierProviderOptions) (core.Notifier, error) {
 	/*
 	  注意：如果追加新的常量值，请保持以 ASCII 排序。
 	  NOTICE: If you add new constant, please keep ASCII order.
@@ -32,42 +34,56 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier
 	case domain.NotificationProviderTypeDingTalkBot:
 		{
 			access := domain.AccessConfigForDingTalkBot{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
-			return pDingTalk.NewNotifier(&pDingTalk.NotifierConfig{
+			return pDingTalkBot.NewNotifierProvider(&pDingTalkBot.NotifierProviderConfig{
 				WebhookUrl: access.WebhookUrl,
 				Secret:     access.Secret,
 			})
 		}
 
+	case domain.NotificationProviderTypeDiscordBot:
+		{
+			access := domain.AccessConfigForDiscordBot{}
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			return pDiscordBot.NewNotifierProvider(&pDiscordBot.NotifierProviderConfig{
+				BotToken:  access.BotToken,
+				ChannelId: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId),
+			})
+		}
+
 	case domain.NotificationProviderTypeEmail:
 		{
 			access := domain.AccessConfigForEmail{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
-			return pEmail.NewNotifier(&pEmail.NotifierConfig{
+			return pEmail.NewNotifierProvider(&pEmail.NotifierProviderConfig{
 				SmtpHost:        access.SmtpHost,
 				SmtpPort:        access.SmtpPort,
 				SmtpTls:         access.SmtpTls,
 				Username:        access.Username,
 				Password:        access.Password,
-				SenderAddress:   maputil.GetOrDefaultString(options.ProviderExtendedConfig, "senderAddress", access.DefaultSenderAddress),
-				ReceiverAddress: maputil.GetOrDefaultString(options.ProviderExtendedConfig, "receiverAddress", access.DefaultReceiverAddress),
+				SenderAddress:   xmaps.GetOrDefaultString(options.ProviderServiceConfig, "senderAddress", access.DefaultSenderAddress),
+				SenderName:      xmaps.GetOrDefaultString(options.ProviderServiceConfig, "senderName", access.DefaultSenderName),
+				ReceiverAddress: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "receiverAddress", access.DefaultReceiverAddress),
 			})
 		}
 
 	case domain.NotificationProviderTypeLarkBot:
 		{
 			access := domain.AccessConfigForLarkBot{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
-			return pLark.NewNotifier(&pLark.NotifierConfig{
+			return pLarkBot.NewNotifierProvider(&pLarkBot.NotifierProviderConfig{
 				WebhookUrl: access.WebhookUrl,
 			})
 		}
@@ -75,41 +91,54 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier
 	case domain.NotificationProviderTypeMattermost:
 		{
 			access := domain.AccessConfigForMattermost{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
-			return pMattermost.NewNotifier(&pMattermost.NotifierConfig{
+			return pMattermost.NewNotifierProvider(&pMattermost.NotifierProviderConfig{
 				ServerUrl: access.ServerUrl,
 				Username:  access.Username,
 				Password:  access.Password,
-				ChannelId: maputil.GetOrDefaultString(options.ProviderExtendedConfig, "channelId", access.DefaultChannelId),
+				ChannelId: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId),
 			})
 		}
 
-	case domain.NotificationProviderTypeTelegram:
+	case domain.NotificationProviderTypeSlackBot:
 		{
-			access := domain.AccessConfigForTelegram{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			access := domain.AccessConfigForSlackBot{}
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
-			return pTelegram.NewNotifier(&pTelegram.NotifierConfig{
+			return pSlackBot.NewNotifierProvider(&pSlackBot.NotifierProviderConfig{
+				BotToken:  access.BotToken,
+				ChannelId: xmaps.GetOrDefaultString(options.ProviderServiceConfig, "channelId", access.DefaultChannelId),
+			})
+		}
+
+	case domain.NotificationProviderTypeTelegramBot:
+		{
+			access := domain.AccessConfigForTelegramBot{}
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			return pTelegramBot.NewNotifierProvider(&pTelegramBot.NotifierProviderConfig{
 				BotToken: access.BotToken,
-				ChatId:   maputil.GetOrDefaultInt64(options.ProviderExtendedConfig, "chatId", access.DefaultChatId),
+				ChatId:   xmaps.GetOrDefaultInt64(options.ProviderServiceConfig, "chatId", access.DefaultChatId),
 			})
 		}
 
 	case domain.NotificationProviderTypeWebhook:
 		{
 			access := domain.AccessConfigForWebhook{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
 			mergedHeaders := make(map[string]string)
 			if defaultHeadersString := access.HeadersString; defaultHeadersString != "" {
-				h, err := httputil.ParseHeaders(defaultHeadersString)
+				h, err := xhttp.ParseHeaders(defaultHeadersString)
 				if err != nil {
 					return nil, fmt.Errorf("failed to parse webhook headers: %w", err)
 				}
@@ -117,8 +146,8 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier
 					mergedHeaders[http.CanonicalHeaderKey(key)] = h.Get(key)
 				}
 			}
-			if extendedHeadersString := maputil.GetString(options.ProviderExtendedConfig, "headers"); extendedHeadersString != "" {
-				h, err := httputil.ParseHeaders(extendedHeadersString)
+			if extendedHeadersString := xmaps.GetString(options.ProviderServiceConfig, "headers"); extendedHeadersString != "" {
+				h, err := xhttp.ParseHeaders(extendedHeadersString)
 				if err != nil {
 					return nil, fmt.Errorf("failed to parse webhook headers: %w", err)
 				}
@@ -127,9 +156,9 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier
 				}
 			}
 
-			return pWebhook.NewNotifier(&pWebhook.NotifierConfig{
+			return pWebhook.NewNotifierProvider(&pWebhook.NotifierProviderConfig{
 				WebhookUrl:               access.Url,
-				WebhookData:              maputil.GetOrDefaultString(options.ProviderExtendedConfig, "webhookData", access.DefaultDataForNotification),
+				WebhookData:              xmaps.GetOrDefaultString(options.ProviderServiceConfig, "webhookData", access.DefaultDataForNotification),
 				Method:                   access.Method,
 				Headers:                  mergedHeaders,
 				AllowInsecureConnections: access.AllowInsecureConnections,
@@ -139,11 +168,11 @@ func createNotifierProvider(options *notifierProviderOptions) (notifier.Notifier
 	case domain.NotificationProviderTypeWeComBot:
 		{
 			access := domain.AccessConfigForWeComBot{}
-			if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
 				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
 			}
 
-			return pWeCom.NewNotifier(&pWeCom.NotifierConfig{
+			return pWeComBot.NewNotifierProvider(&pWeComBot.NotifierProviderConfig{
 				WebhookUrl: access.WebhookUrl,
 			})
 		}

internal/notify/providers_deprecated.go

@@ -3,104 +3,104 @@ package notify
 import (
 	"fmt"
 
-	"github.com/usual2970/certimate/internal/domain"
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-	pBark "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/bark"
-	pDingTalk "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/dingtalk"
-	pEmail "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/email"
-	pGotify "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/gotify"
-	pLark "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/lark"
-	pMattermost "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/mattermost"
-	pPushover "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/pushover"
-	pPushPlus "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/pushplus"
-	pServerChan "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/serverchan"
-	pTelegram "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/telegram"
-	pWebhook "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/webhook"
-	pWeCom "github.com/usual2970/certimate/internal/pkg/core/notifier/providers/wecom"
-	maputil "github.com/usual2970/certimate/internal/pkg/utils/map"
+	"github.com/certimate-go/certimate/internal/domain"
+	"github.com/certimate-go/certimate/pkg/core"
+	pBark "github.com/certimate-go/certimate/pkg/core/notifier/providers/bark"
+	pDingTalk "github.com/certimate-go/certimate/pkg/core/notifier/providers/dingtalkbot"
+	pEmail "github.com/certimate-go/certimate/pkg/core/notifier/providers/email"
+	pGotify "github.com/certimate-go/certimate/pkg/core/notifier/providers/gotify"
+	pLark "github.com/certimate-go/certimate/pkg/core/notifier/providers/larkbot"
+	pMattermost "github.com/certimate-go/certimate/pkg/core/notifier/providers/mattermost"
+	pPushover "github.com/certimate-go/certimate/pkg/core/notifier/providers/pushover"
+	pPushPlus "github.com/certimate-go/certimate/pkg/core/notifier/providers/pushplus"
+	pServerChan "github.com/certimate-go/certimate/pkg/core/notifier/providers/serverchan"
+	pTelegram "github.com/certimate-go/certimate/pkg/core/notifier/providers/telegrambot"
+	pWebhook "github.com/certimate-go/certimate/pkg/core/notifier/providers/webhook"
+	pWeCom "github.com/certimate-go/certimate/pkg/core/notifier/providers/wecombot"
+	xmaps "github.com/certimate-go/certimate/pkg/utils/maps"
 )
 
 // Deprecated: v0.4.x 将废弃
-func createNotifierProviderUseGlobalSettings(channel domain.NotifyChannelType, channelConfig map[string]any) (notifier.Notifier, error) {
+func createNotifierProviderUseGlobalSettings(channel domain.NotifyChannelType, channelConfig map[string]any) (core.Notifier, error) {
 	/*
 	  注意：如果追加新的常量值，请保持以 ASCII 排序。
 	  NOTICE: If you add new constant, please keep ASCII order.
 	*/
 	switch channel {
 	case domain.NotifyChannelTypeBark:
-		return pBark.NewNotifier(&pBark.NotifierConfig{
-			DeviceKey: maputil.GetString(channelConfig, "deviceKey"),
-			ServerUrl: maputil.GetString(channelConfig, "serverUrl"),
+		return pBark.NewNotifierProvider(&pBark.NotifierProviderConfig{
+			DeviceKey: xmaps.GetString(channelConfig, "deviceKey"),
+			ServerUrl: xmaps.GetString(channelConfig, "serverUrl"),
 		})
 
 	case domain.NotifyChannelTypeDingTalk:
-		return pDingTalk.NewNotifier(&pDingTalk.NotifierConfig{
-			WebhookUrl: "https://oapi.dingtalk.com/robot/send?access_token=" + maputil.GetString(channelConfig, "accessToken"),
-			Secret:     maputil.GetString(channelConfig, "secret"),
+		return pDingTalk.NewNotifierProvider(&pDingTalk.NotifierProviderConfig{
+			WebhookUrl: "https://oapi.dingtalk.com/robot/send?access_token=" + xmaps.GetString(channelConfig, "accessToken"),
+			Secret:     xmaps.GetString(channelConfig, "secret"),
 		})
 
 	case domain.NotifyChannelTypeEmail:
-		return pEmail.NewNotifier(&pEmail.NotifierConfig{
-			SmtpHost:        maputil.GetString(channelConfig, "smtpHost"),
-			SmtpPort:        maputil.GetInt32(channelConfig, "smtpPort"),
-			SmtpTls:         maputil.GetOrDefaultBool(channelConfig, "smtpTLS", true),
-			Username:        maputil.GetOrDefaultString(channelConfig, "username", maputil.GetString(channelConfig, "senderAddress")),
-			Password:        maputil.GetString(channelConfig, "password"),
-			SenderAddress:   maputil.GetString(channelConfig, "senderAddress"),
-			ReceiverAddress: maputil.GetString(channelConfig, "receiverAddress"),
+		return pEmail.NewNotifierProvider(&pEmail.NotifierProviderConfig{
+			SmtpHost:        xmaps.GetString(channelConfig, "smtpHost"),
+			SmtpPort:        xmaps.GetInt32(channelConfig, "smtpPort"),
+			SmtpTls:         xmaps.GetOrDefaultBool(channelConfig, "smtpTLS", true),
+			Username:        xmaps.GetOrDefaultString(channelConfig, "username", xmaps.GetString(channelConfig, "senderAddress")),
+			Password:        xmaps.GetString(channelConfig, "password"),
+			SenderAddress:   xmaps.GetString(channelConfig, "senderAddress"),
+			ReceiverAddress: xmaps.GetString(channelConfig, "receiverAddress"),
 		})
 
 	case domain.NotifyChannelTypeGotify:
-		return pGotify.NewNotifier(&pGotify.NotifierConfig{
-			Url:      maputil.GetString(channelConfig, "url"),
-			Token:    maputil.GetString(channelConfig, "token"),
-			Priority: maputil.GetOrDefaultInt64(channelConfig, "priority", 1),
+		return pGotify.NewNotifierProvider(&pGotify.NotifierProviderConfig{
+			ServerUrl: xmaps.GetString(channelConfig, "url"),
+			Token:     xmaps.GetString(channelConfig, "token"),
+			Priority:  xmaps.GetOrDefaultInt64(channelConfig, "priority", 1),
 		})
 
 	case domain.NotifyChannelTypeLark:
-		return pLark.NewNotifier(&pLark.NotifierConfig{
-			WebhookUrl: maputil.GetString(channelConfig, "webhookUrl"),
+		return pLark.NewNotifierProvider(&pLark.NotifierProviderConfig{
+			WebhookUrl: xmaps.GetString(channelConfig, "webhookUrl"),
 		})
 
 	case domain.NotifyChannelTypeMattermost:
-		return pMattermost.NewNotifier(&pMattermost.NotifierConfig{
-			ServerUrl: maputil.GetString(channelConfig, "serverUrl"),
-			ChannelId: maputil.GetString(channelConfig, "channelId"),
-			Username:  maputil.GetString(channelConfig, "username"),
-			Password:  maputil.GetString(channelConfig, "password"),
+		return pMattermost.NewNotifierProvider(&pMattermost.NotifierProviderConfig{
+			ServerUrl: xmaps.GetString(channelConfig, "serverUrl"),
+			ChannelId: xmaps.GetString(channelConfig, "channelId"),
+			Username:  xmaps.GetString(channelConfig, "username"),
+			Password:  xmaps.GetString(channelConfig, "password"),
 		})
 
 	case domain.NotifyChannelTypePushover:
-		return pPushover.NewNotifier(&pPushover.NotifierConfig{
-			Token: maputil.GetString(channelConfig, "token"),
-			User:  maputil.GetString(channelConfig, "user"),
+		return pPushover.NewNotifierProvider(&pPushover.NotifierProviderConfig{
+			Token: xmaps.GetString(channelConfig, "token"),
+			User:  xmaps.GetString(channelConfig, "user"),
 		})
 
 	case domain.NotifyChannelTypePushPlus:
-		return pPushPlus.NewNotifier(&pPushPlus.NotifierConfig{
-			Token: maputil.GetString(channelConfig, "token"),
+		return pPushPlus.NewNotifierProvider(&pPushPlus.NotifierProviderConfig{
+			Token: xmaps.GetString(channelConfig, "token"),
 		})
 
 	case domain.NotifyChannelTypeServerChan:
-		return pServerChan.NewNotifier(&pServerChan.NotifierConfig{
-			Url: maputil.GetString(channelConfig, "url"),
+		return pServerChan.NewNotifierProvider(&pServerChan.NotifierProviderConfig{
+			ServerUrl: xmaps.GetString(channelConfig, "url"),
 		})
 
 	case domain.NotifyChannelTypeTelegram:
-		return pTelegram.NewNotifier(&pTelegram.NotifierConfig{
-			BotToken: maputil.GetString(channelConfig, "apiToken"),
-			ChatId:   maputil.GetInt64(channelConfig, "chatId"),
+		return pTelegram.NewNotifierProvider(&pTelegram.NotifierProviderConfig{
+			BotToken: xmaps.GetString(channelConfig, "apiToken"),
+			ChatId:   xmaps.GetInt64(channelConfig, "chatId"),
 		})
 
 	case domain.NotifyChannelTypeWebhook:
-		return pWebhook.NewNotifier(&pWebhook.NotifierConfig{
-			WebhookUrl:               maputil.GetString(channelConfig, "url"),
-			AllowInsecureConnections: maputil.GetBool(channelConfig, "allowInsecureConnections"),
+		return pWebhook.NewNotifierProvider(&pWebhook.NotifierProviderConfig{
+			WebhookUrl:               xmaps.GetString(channelConfig, "url"),
+			AllowInsecureConnections: xmaps.GetBool(channelConfig, "allowInsecureConnections"),
 		})
 
 	case domain.NotifyChannelTypeWeCom:
-		return pWeCom.NewNotifier(&pWeCom.NotifierConfig{
-			WebhookUrl: maputil.GetString(channelConfig, "webhookUrl"),
+		return pWeCom.NewNotifierProvider(&pWeCom.NotifierProviderConfig{
+			WebhookUrl: xmaps.GetString(channelConfig, "webhookUrl"),
 		})
 	}
 

internal/notify/service.go

@@ -4,8 +4,8 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/usual2970/certimate/internal/domain"
-	"github.com/usual2970/certimate/internal/domain/dtos"
+	"github.com/certimate-go/certimate/internal/domain"
+	"github.com/certimate-go/certimate/internal/domain/dtos"
 )
 
 // Deprecated: v0.4.x 将废弃

internal/pkg/core/deployer/providers/1panel-console/1panel_console.go

@@ -1,97 +0,0 @@
-package onepanelconsole
-
-import (
-	"context"
-	"crypto/tls"
-	"errors"
-	"fmt"
-	"log/slog"
-	"net/url"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	opsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel"
-)
-
-type DeployerConfig struct {
-	// 1Panel 地址。
-	ApiUrl string `json:"apiUrl"`
-	// 1Panel 接口密钥。
-	ApiKey string `json:"apiKey"`
-	// 是否允许不安全的连接。
-	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
-	// 是否自动重启。
-	AutoRestart bool `json:"autoRestart"`
-}
-
-type DeployerProvider struct {
-	config    *DeployerConfig
-	logger    *slog.Logger
-	sdkClient *opsdk.Client
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.ApiUrl, config.ApiKey, config.AllowInsecureConnections)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:    config,
-		logger:    slog.Default(),
-		sdkClient: client,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 设置面板 SSL 证书
-	updateSystemSSLReq := &opsdk.UpdateSystemSSLRequest{
-		Cert:    certPEM,
-		Key:     privkeyPEM,
-		SSL:     "enable",
-		SSLType: "import-paste",
-	}
-	if d.config.AutoRestart {
-		updateSystemSSLReq.AutoRestart = "true"
-	} else {
-		updateSystemSSLReq.AutoRestart = "false"
-	}
-	updateSystemSSLResp, err := d.sdkClient.UpdateSystemSSL(updateSystemSSLReq)
-	d.logger.Debug("sdk request '1panel.UpdateSystemSSL'", slog.Any("request", updateSystemSSLReq), slog.Any("response", updateSystemSSLResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request '1panel.UpdateSystemSSL': %w", err)
-	}
-
-	return &deployer.DeployResult{}, nil
-}
-
-func createSdkClient(apiUrl, apiKey string, skipTlsVerify bool) (*opsdk.Client, error) {
-	if _, err := url.Parse(apiUrl); err != nil {
-		return nil, errors.New("invalid 1panel api url")
-	}
-
-	if apiKey == "" {
-		return nil, errors.New("invalid 1panel api key")
-	}
-
-	client := opsdk.NewClient(apiUrl, apiKey)
-	if skipTlsVerify {
-		client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true})
-	}
-
-	return client, nil
-}

internal/pkg/core/deployer/providers/1panel-site/1panel_site.go

@@ -1,191 +0,0 @@
-package onepanelsite
-
-import (
-	"context"
-	"crypto/tls"
-	"errors"
-	"fmt"
-	"log/slog"
-	"net/url"
-	"strconv"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/1panel-ssl"
-	opsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel"
-)
-
-type DeployerConfig struct {
-	// 1Panel 地址。
-	ApiUrl string `json:"apiUrl"`
-	// 1Panel 接口密钥。
-	ApiKey string `json:"apiKey"`
-	// 是否允许不安全的连接。
-	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
-	// 部署资源类型。
-	ResourceType ResourceType `json:"resourceType"`
-	// 网站 ID。
-	// 部署资源类型为 [RESOURCE_TYPE_WEBSITE] 时必填。
-	WebsiteId int64 `json:"websiteId,omitempty"`
-	// 证书 ID。
-	// 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。
-	CertificateId int64 `json:"certificateId,omitempty"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sdkClient   *opsdk.Client
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.ApiUrl, config.ApiKey, config.AllowInsecureConnections)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		ApiUrl: config.ApiUrl,
-		ApiKey: config.ApiKey,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sdkClient:   client,
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	d.sslUploader.WithLogger(logger)
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 根据部署资源类型决定部署方式
-	switch d.config.ResourceType {
-	case RESOURCE_TYPE_WEBSITE:
-		if err := d.deployToWebsite(ctx, certPEM, privkeyPEM); err != nil {
-			return nil, err
-		}
-
-	case RESOURCE_TYPE_CERTIFICATE:
-		if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil {
-			return nil, err
-		}
-
-	default:
-		return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType)
-	}
-
-	return &deployer.DeployResult{}, nil
-}
-
-func (d *DeployerProvider) deployToWebsite(ctx context.Context, certPEM string, privkeyPEM string) error {
-	if d.config.WebsiteId == 0 {
-		return errors.New("config `websiteId` is required")
-	}
-
-	// 获取网站 HTTPS 配置
-	getHttpsConfReq := &opsdk.GetHttpsConfRequest{
-		WebsiteID: d.config.WebsiteId,
-	}
-	getHttpsConfResp, err := d.sdkClient.GetHttpsConf(getHttpsConfReq)
-	d.logger.Debug("sdk request '1panel.GetHttpsConf'", slog.Any("request", getHttpsConfReq), slog.Any("response", getHttpsConfResp))
-	if err != nil {
-		return fmt.Errorf("failed to execute sdk request '1panel.GetHttpsConf': %w", err)
-	}
-
-	// 上传证书到面板
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	// 修改网站 HTTPS 配置
-	certId, _ := strconv.ParseInt(upres.CertId, 10, 64)
-	updateHttpsConfReq := &opsdk.UpdateHttpsConfRequest{
-		WebsiteID:    d.config.WebsiteId,
-		Type:         "existed",
-		WebsiteSSLID: certId,
-		Enable:       getHttpsConfResp.Data.Enable,
-		HttpConfig:   getHttpsConfResp.Data.HttpConfig,
-		SSLProtocol:  getHttpsConfResp.Data.SSLProtocol,
-		Algorithm:    getHttpsConfResp.Data.Algorithm,
-		Hsts:         getHttpsConfResp.Data.Hsts,
-	}
-	updateHttpsConfResp, err := d.sdkClient.UpdateHttpsConf(updateHttpsConfReq)
-	d.logger.Debug("sdk request '1panel.UpdateHttpsConf'", slog.Any("request", updateHttpsConfReq), slog.Any("response", updateHttpsConfResp))
-	if err != nil {
-		return fmt.Errorf("failed to execute sdk request '1panel.UpdateHttpsConf': %w", err)
-	}
-
-	return nil
-}
-
-func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error {
-	if d.config.CertificateId == 0 {
-		return errors.New("config `certificateId` is required")
-	}
-
-	// 获取证书详情
-	getWebsiteSSLReq := &opsdk.GetWebsiteSSLRequest{
-		SSLID: d.config.CertificateId,
-	}
-	getWebsiteSSLResp, err := d.sdkClient.GetWebsiteSSL(getWebsiteSSLReq)
-	d.logger.Debug("sdk request '1panel.GetWebsiteSSL'", slog.Any("request", getWebsiteSSLReq), slog.Any("response", getWebsiteSSLResp))
-	if err != nil {
-		return fmt.Errorf("failed to execute sdk request '1panel.GetWebsiteSSL': %w", err)
-	}
-
-	// 更新证书
-	uploadWebsiteSSLReq := &opsdk.UploadWebsiteSSLRequest{
-		Type:        "paste",
-		SSLID:       d.config.CertificateId,
-		Description: getWebsiteSSLResp.Data.Description,
-		Certificate: certPEM,
-		PrivateKey:  privkeyPEM,
-	}
-	uploadWebsiteSSLResp, err := d.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq)
-	d.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp))
-	if err != nil {
-		return fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err)
-	}
-
-	return nil
-}
-
-func createSdkClient(apiUrl, apiKey string, skipTlsVerify bool) (*opsdk.Client, error) {
-	if _, err := url.Parse(apiUrl); err != nil {
-		return nil, errors.New("invalid 1panel api url")
-	}
-
-	if apiKey == "" {
-		return nil, errors.New("invalid 1panel api key")
-	}
-
-	client := opsdk.NewClient(apiUrl, apiKey)
-	if skipTlsVerify {
-		client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true})
-	}
-
-	return client, nil
-}

internal/pkg/core/deployer/providers/aliyun-cas/aliyun_cas.go

@@ -1,71 +0,0 @@
-package aliyuncas
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
-)
-
-type DeployerConfig struct {
-	// 阿里云 AccessKeyId。
-	AccessKeyId string `json:"accessKeyId"`
-	// 阿里云 AccessKeySecret。
-	AccessKeySecret string `json:"accessKeySecret"`
-	// 阿里云地域。
-	Region string `json:"region"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		AccessKeyId:     config.AccessKeyId,
-		AccessKeySecret: config.AccessKeySecret,
-		Region:          config.Region,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	d.sslUploader.WithLogger(logger)
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return nil, fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	return &deployer.DeployResult{}, nil
-}

internal/pkg/core/deployer/providers/aws-cloudfront/aws_cloudfront.go

@@ -1,133 +0,0 @@
-package awscloudfront
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"log/slog"
-
-	aws "github.com/aws/aws-sdk-go-v2/aws"
-	awscfg "github.com/aws/aws-sdk-go-v2/config"
-	awscred "github.com/aws/aws-sdk-go-v2/credentials"
-	"github.com/aws/aws-sdk-go-v2/service/cloudfront"
-	"github.com/aws/aws-sdk-go-v2/service/cloudfront/types"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aws-acm"
-)
-
-type DeployerConfig struct {
-	// AWS AccessKeyId。
-	AccessKeyId string `json:"accessKeyId"`
-	// AWS SecretAccessKey。
-	SecretAccessKey string `json:"secretAccessKey"`
-	// AWS 区域。
-	Region string `json:"region"`
-	// AWS CloudFront 分配 ID。
-	DistributionId string `json:"distributionId"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sdkClient   *cloudfront.Client
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.AccessKeyId, config.SecretAccessKey, config.Region)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		AccessKeyId:     config.AccessKeyId,
-		SecretAccessKey: config.SecretAccessKey,
-		Region:          config.Region,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sdkClient:   client,
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	d.sslUploader.WithLogger(logger)
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	if d.config.DistributionId == "" {
-		return nil, errors.New("config `distribuitionId` is required")
-	}
-
-	// 上传证书到 ACM
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return nil, fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	// 获取分配配置
-	// REF: https://docs.aws.amazon.com/en_us/cloudfront/latest/APIReference/API_GetDistributionConfig.html
-	getDistributionConfigReq := &cloudfront.GetDistributionConfigInput{
-		Id: aws.String(d.config.DistributionId),
-	}
-	getDistributionConfigResp, err := d.sdkClient.GetDistributionConfig(context.TODO(), getDistributionConfigReq)
-	d.logger.Debug("sdk request 'cloudfront.GetDistributionConfig'", slog.Any("request", getDistributionConfigReq), slog.Any("response", getDistributionConfigResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'cloudfront.GetDistributionConfig': %w", err)
-	}
-
-	// 更新分配配置
-	// REF: https://docs.aws.amazon.com/zh_cn/cloudfront/latest/APIReference/API_UpdateDistribution.html
-	updateDistributionReq := &cloudfront.UpdateDistributionInput{
-		Id:                 aws.String(d.config.DistributionId),
-		DistributionConfig: getDistributionConfigResp.DistributionConfig,
-		IfMatch:            getDistributionConfigResp.ETag,
-	}
-	if updateDistributionReq.DistributionConfig.ViewerCertificate == nil {
-		updateDistributionReq.DistributionConfig.ViewerCertificate = &types.ViewerCertificate{}
-	}
-	updateDistributionReq.DistributionConfig.ViewerCertificate.CloudFrontDefaultCertificate = aws.Bool(false)
-	updateDistributionReq.DistributionConfig.ViewerCertificate.ACMCertificateArn = aws.String(upres.CertId)
-	updateDistributionResp, err := d.sdkClient.UpdateDistribution(context.TODO(), updateDistributionReq)
-	d.logger.Debug("sdk request 'cloudfront.UpdateDistribution'", slog.Any("request", updateDistributionReq), slog.Any("response", updateDistributionResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'cloudfront.UpdateDistribution': %w", err)
-	}
-
-	return &deployer.DeployResult{}, nil
-}
-
-func createSdkClient(accessKeyId, secretAccessKey, region string) (*cloudfront.Client, error) {
-	cfg, err := awscfg.LoadDefaultConfig(context.TODO())
-	if err != nil {
-		return nil, err
-	}
-
-	client := cloudfront.NewFromConfig(cfg, func(o *cloudfront.Options) {
-		o.Region = region
-		o.Credentials = aws.NewCredentialsCache(awscred.NewStaticCredentialsProvider(accessKeyId, secretAccessKey, ""))
-	})
-	return client, nil
-}

internal/pkg/core/deployer/providers/baiducloud-cert/baiducloud_cert.go

@@ -1,67 +0,0 @@
-package baiducloudcert
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/baiducloud-cert"
-)
-
-type DeployerConfig struct {
-	// 百度智能云 AccessKeyId。
-	AccessKeyId string `json:"accessKeyId"`
-	// 百度智能云 SecretAccessKey。
-	SecretAccessKey string `json:"secretAccessKey"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		AccessKeyId:     config.AccessKeyId,
-		SecretAccessKey: config.SecretAccessKey,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 上传证书到 CAS
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return nil, fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	return &deployer.DeployResult{}, nil
-}

internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn.go

@@ -1,66 +0,0 @@
-package bunnycdn
-
-import (
-	"context"
-	"encoding/base64"
-	"fmt"
-	"log/slog"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	bunnysdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/bunny"
-)
-
-type DeployerConfig struct {
-	// Bunny API Key。
-	ApiKey string `json:"apiKey"`
-	// Bunny Pull Zone ID。
-	PullZoneId string `json:"pullZoneId"`
-	// Bunny CDN Hostname（支持泛域名）。
-	Hostname string `json:"hostname"`
-}
-
-type DeployerProvider struct {
-	config    *DeployerConfig
-	logger    *slog.Logger
-	sdkClient *bunnysdk.Client
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &DeployerProvider{
-		config:    config,
-		logger:    slog.Default(),
-		sdkClient: bunnysdk.NewClient(config.ApiKey),
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 上传证书
-	createCertificateReq := &bunnysdk.AddCustomCertificateRequest{
-		Hostname:       d.config.Hostname,
-		PullZoneId:     d.config.PullZoneId,
-		Certificate:    base64.StdEncoding.EncodeToString([]byte(certPEM)),
-		CertificateKey: base64.StdEncoding.EncodeToString([]byte(privkeyPEM)),
-	}
-	createCertificateResp, err := d.sdkClient.AddCustomCertificate(createCertificateReq)
-	d.logger.Debug("sdk request 'bunny.AddCustomCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'bunny.AddCustomCertificate': %w", err)
-	}
-
-	return &deployer.DeployResult{}, nil
-}

internal/pkg/core/deployer/providers/cachefly/cachefly.go

@@ -1,75 +0,0 @@
-package cachefly
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"log/slog"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	cfsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/cachefly"
-)
-
-type DeployerConfig struct {
-	// CacheFly API Token。
-	ApiToken string `json:"apiToken"`
-}
-
-type DeployerProvider struct {
-	config    *DeployerConfig
-	logger    *slog.Logger
-	sdkClient *cfsdk.Client
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.ApiToken)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:    config,
-		logger:    slog.Default(),
-		sdkClient: client,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 上传证书
-	// REF: https://api.cachefly.com/api/2.5/docs#tag/Certificates/paths/~1certificates/post
-	createCertificateReq := &cfsdk.CreateCertificateRequest{
-		Certificate:    certPEM,
-		CertificateKey: privkeyPEM,
-	}
-	createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq)
-	d.logger.Debug("sdk request 'cachefly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'cachefly.CreateCertificate': %w", err)
-	}
-
-	return &deployer.DeployResult{}, nil
-}
-
-func createSdkClient(apiToken string) (*cfsdk.Client, error) {
-	if apiToken == "" {
-		return nil, errors.New("invalid cachefly api token")
-	}
-
-	client := cfsdk.NewClient(apiToken)
-	return client, nil
-}

internal/pkg/core/deployer/providers/cdnfly/cdnfly.go

@@ -1,182 +0,0 @@
-package cdnfly
-
-import (
-	"context"
-	"crypto/tls"
-	"encoding/json"
-	"errors"
-	"fmt"
-	"log/slog"
-	"net/url"
-	"time"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	cfsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/cdnfly"
-)
-
-type DeployerConfig struct {
-	// Cdnfly 地址。
-	ApiUrl string `json:"apiUrl"`
-	// Cdnfly 用户端 API Key。
-	ApiKey string `json:"apiKey"`
-	// Cdnfly 用户端 API Secret。
-	ApiSecret string `json:"apiSecret"`
-	// 是否允许不安全的连接。
-	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
-	// 部署资源类型。
-	ResourceType ResourceType `json:"resourceType"`
-	// 网站 ID。
-	// 部署资源类型为 [RESOURCE_TYPE_SITE] 时必填。
-	SiteId string `json:"siteId,omitempty"`
-	// 证书 ID。
-	// 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。
-	CertificateId string `json:"certificateId,omitempty"`
-}
-
-type DeployerProvider struct {
-	config    *DeployerConfig
-	logger    *slog.Logger
-	sdkClient *cfsdk.Client
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.ApiUrl, config.ApiKey, config.ApiSecret, config.AllowInsecureConnections)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:    config,
-		logger:    slog.Default(),
-		sdkClient: client,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 根据部署资源类型决定部署方式
-	switch d.config.ResourceType {
-	case RESOURCE_TYPE_SITE:
-		if err := d.deployToSite(ctx, certPEM, privkeyPEM); err != nil {
-			return nil, err
-		}
-
-	case RESOURCE_TYPE_CERTIFICATE:
-		if err := d.deployToCertificate(ctx, certPEM, privkeyPEM); err != nil {
-			return nil, err
-		}
-
-	default:
-		return nil, fmt.Errorf("unsupported resource type '%s'", d.config.ResourceType)
-	}
-
-	return &deployer.DeployResult{}, nil
-}
-
-func (d *DeployerProvider) deployToSite(ctx context.Context, certPEM string, privkeyPEM string) error {
-	if d.config.SiteId == "" {
-		return errors.New("config `siteId` is required")
-	}
-
-	// 获取单个网站详情
-	// REF: https://doc.cdnfly.cn/wangzhanguanli-v1-sites.html#%E8%8E%B7%E5%8F%96%E5%8D%95%E4%B8%AA%E7%BD%91%E7%AB%99%E8%AF%A6%E6%83%85
-	getSiteReq := &cfsdk.GetSiteRequest{
-		Id: d.config.SiteId,
-	}
-	getSiteResp, err := d.sdkClient.GetSite(getSiteReq)
-	d.logger.Debug("sdk request 'cdnfly.GetSite'", slog.Any("request", getSiteReq), slog.Any("response", getSiteResp))
-	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'cdnfly.GetSite': %w", err)
-	}
-
-	// 添加单个证书
-	// REF: https://doc.cdnfly.cn/wangzhanzhengshu-v1-certs.html#%E6%B7%BB%E5%8A%A0%E5%8D%95%E4%B8%AA%E6%88%96%E5%A4%9A%E4%B8%AA%E8%AF%81%E4%B9%A6-%E5%A4%9A%E4%B8%AA%E8%AF%81%E4%B9%A6%E6%97%B6%E6%95%B0%E6%8D%AE%E6%A0%BC%E5%BC%8F%E4%B8%BA%E6%95%B0%E7%BB%84
-	createCertificateReq := &cfsdk.CreateCertificateRequest{
-		Name: fmt.Sprintf("certimate-%d", time.Now().UnixMilli()),
-		Type: "custom",
-		Cert: certPEM,
-		Key:  privkeyPEM,
-	}
-	createCertificateResp, err := d.sdkClient.CreateCertificate(createCertificateReq)
-	d.logger.Debug("sdk request 'cdnfly.CreateCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
-	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'cdnfly.CreateCertificate': %w", err)
-	}
-
-	// 修改单个网站
-	// REF: https://doc.cdnfly.cn/wangzhanguanli-v1-sites.html#%E4%BF%AE%E6%94%B9%E5%8D%95%E4%B8%AA%E7%BD%91%E7%AB%99
-	updateSiteHttpsListenMap := make(map[string]any)
-	_ = json.Unmarshal([]byte(getSiteResp.Data.HttpsListen), &updateSiteHttpsListenMap)
-	updateSiteHttpsListenMap["cert"] = createCertificateResp.Data
-	updateSiteHttpsListenData, _ := json.Marshal(updateSiteHttpsListenMap)
-	updateSiteHttpsListen := string(updateSiteHttpsListenData)
-	updateSiteReq := &cfsdk.UpdateSiteRequest{
-		Id:          d.config.SiteId,
-		HttpsListen: &updateSiteHttpsListen,
-	}
-	updateSiteResp, err := d.sdkClient.UpdateSite(updateSiteReq)
-	d.logger.Debug("sdk request 'cdnfly.UpdateSite'", slog.Any("request", updateSiteReq), slog.Any("response", updateSiteResp))
-	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'cdnfly.UpdateSite': %w", err)
-	}
-
-	return nil
-}
-
-func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPEM string, privkeyPEM string) error {
-	if d.config.CertificateId == "" {
-		return errors.New("config `certificateId` is required")
-	}
-
-	// 修改单个证书
-	// REF: https://doc.cdnfly.cn/wangzhanzhengshu-v1-certs.html#%E4%BF%AE%E6%94%B9%E5%8D%95%E4%B8%AA%E8%AF%81%E4%B9%A6
-	updateCertificateType := "custom"
-	updateCertificateReq := &cfsdk.UpdateCertificateRequest{
-		Id:   d.config.CertificateId,
-		Type: &updateCertificateType,
-		Cert: &certPEM,
-		Key:  &privkeyPEM,
-	}
-	updateCertificateResp, err := d.sdkClient.UpdateCertificate(updateCertificateReq)
-	d.logger.Debug("sdk request 'cdnfly.UpdateCertificate'", slog.Any("request", updateCertificateReq), slog.Any("response", updateCertificateResp))
-	if err != nil {
-		return fmt.Errorf("failed to execute sdk request 'cdnfly.UpdateCertificate': %w", err)
-	}
-
-	return nil
-}
-
-func createSdkClient(apiUrl, apiKey, apiSecret string, skipTlsVerify bool) (*cfsdk.Client, error) {
-	if _, err := url.Parse(apiUrl); err != nil {
-		return nil, errors.New("invalid cachefly api url")
-	}
-
-	if apiKey == "" {
-		return nil, errors.New("invalid cachefly api key")
-	}
-
-	if apiSecret == "" {
-		return nil, errors.New("invalid cachefly api secret")
-	}
-
-	client := cfsdk.NewClient(apiUrl, apiKey, apiSecret)
-	if skipTlsVerify {
-		client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true})
-	}
-
-	return client, nil
-}

internal/pkg/core/deployer/providers/dogecloud-cdn/dogecloud_cdn.go

@@ -1,85 +0,0 @@
-package dogecloudcdn
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-	"strconv"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/dogecloud"
-	dogesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dogecloud"
-)
-
-type DeployerConfig struct {
-	// 多吉云 AccessKey。
-	AccessKey string `json:"accessKey"`
-	// 多吉云 SecretKey。
-	SecretKey string `json:"secretKey"`
-	// 加速域名（不支持泛域名）。
-	Domain string `json:"domain"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sdkClient   *dogesdk.Client
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client := dogesdk.NewClient(config.AccessKey, config.SecretKey)
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		AccessKey: config.AccessKey,
-		SecretKey: config.SecretKey,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sdkClient:   client,
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	d.sslUploader.WithLogger(logger)
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 上传证书到 CDN
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return nil, fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	// 绑定证书
-	// REF: https://docs.dogecloud.com/cdn/api-cert-bind
-	bindCdnCertId, _ := strconv.ParseInt(upres.CertId, 10, 64)
-	bindCdnCertResp, err := d.sdkClient.BindCdnCertWithDomain(bindCdnCertId, d.config.Domain)
-	d.logger.Debug("sdk request 'cdn.BindCdnCert'", slog.Int64("request.certId", bindCdnCertId), slog.String("request.domain", d.config.Domain), slog.Any("response", bindCdnCertResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'cdn.BindCdnCert': %w", err)
-	}
-
-	return &deployer.DeployResult{}, nil
-}

internal/pkg/core/deployer/providers/huaweicloud-scm/huaweicloud_scm.go

@@ -1,68 +0,0 @@
-package huaweicloudscm
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/huaweicloud-scm"
-)
-
-type DeployerConfig struct {
-	// 华为云 AccessKeyId。
-	AccessKeyId string `json:"accessKeyId"`
-	// 华为云 SecretAccessKey。
-	SecretAccessKey string `json:"secretAccessKey"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		AccessKeyId:     config.AccessKeyId,
-		SecretAccessKey: config.SecretAccessKey,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	d.sslUploader.WithLogger(logger)
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 上传证书到 SCM
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return nil, fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	return &deployer.DeployResult{}, nil
-}

internal/pkg/core/deployer/providers/rainyun-rcdn/rainyun_rcdn.go

@@ -1,101 +0,0 @@
-package rainyunrcdn
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"log/slog"
-	"strconv"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/rainyun-sslcenter"
-	rainyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/rainyun"
-)
-
-type DeployerConfig struct {
-	// 雨云 API 密钥。
-	ApiKey string `json:"apiKey"`
-	// RCDN 实例 ID。
-	InstanceId int32 `json:"instanceId"`
-	// 加速域名（支持泛域名）。
-	Domain string `json:"domain"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sdkClient   *rainyunsdk.Client
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.ApiKey)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		ApiKey: config.ApiKey,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sdkClient:   client,
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	d.sslUploader.WithLogger(logger)
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 上传证书到 SSL 证书
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return nil, fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	// RCDN SSL 绑定域名
-	// REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-184214120
-	certId, _ := strconv.Atoi(upres.CertId)
-	rcdnInstanceSslBindReq := &rainyunsdk.RcdnInstanceSslBindRequest{
-		CertId:  int32(certId),
-		Domains: []string{d.config.Domain},
-	}
-	rcdnInstanceSslBindResp, err := d.sdkClient.RcdnInstanceSslBind(d.config.InstanceId, rcdnInstanceSslBindReq)
-	d.logger.Debug("sdk request 'rcdn.InstanceSslBind'", slog.Any("instanceId", d.config.InstanceId), slog.Any("request", rcdnInstanceSslBindReq), slog.Any("response", rcdnInstanceSslBindResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'rcdn.InstanceSslBind': %w", err)
-	}
-
-	return &deployer.DeployResult{}, nil
-}
-
-func createSdkClient(apiKey string) (*rainyunsdk.Client, error) {
-	if apiKey == "" {
-		return nil, errors.New("invalid rainyun api key")
-	}
-
-	client := rainyunsdk.NewClient(apiKey)
-	return client, nil
-}

internal/pkg/core/deployer/providers/tencentcloud-cos/tencentcloud_cos.go

@@ -1,116 +0,0 @@
-package tencentcloudcos
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"log/slog"
-
-	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
-	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
-	tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
-)
-
-type DeployerConfig struct {
-	// 腾讯云 SecretId。
-	SecretId string `json:"secretId"`
-	// 腾讯云 SecretKey。
-	SecretKey string `json:"secretKey"`
-	// 腾讯云地域。
-	Region string `json:"region"`
-	// 存储桶名。
-	Bucket string `json:"bucket"`
-	// 自定义域名（不支持泛域名）。
-	Domain string `json:"domain"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sdkClient   *tcssl.Client
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.SecretId, config.SecretKey, config.Region)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		SecretId:  config.SecretId,
-		SecretKey: config.SecretKey,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sdkClient:   client,
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	d.sslUploader.WithLogger(logger)
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	if d.config.Bucket == "" {
-		return nil, errors.New("config `bucket` is required")
-	}
-	if d.config.Domain == "" {
-		return nil, errors.New("config `domain` is required")
-	}
-
-	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return nil, fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	// 证书部署到 COS 实例
-	// REF: https://cloud.tencent.com/document/product/400/91667
-	deployCertificateInstanceReq := tcssl.NewDeployCertificateInstanceRequest()
-	deployCertificateInstanceReq.CertificateId = common.StringPtr(upres.CertId)
-	deployCertificateInstanceReq.ResourceType = common.StringPtr("cos")
-	deployCertificateInstanceReq.Status = common.Int64Ptr(1)
-	deployCertificateInstanceReq.InstanceIdList = common.StringPtrs([]string{fmt.Sprintf("%s#%s#%s", d.config.Region, d.config.Bucket, d.config.Domain)})
-	deployCertificateInstanceResp, err := d.sdkClient.DeployCertificateInstance(deployCertificateInstanceReq)
-	d.logger.Debug("sdk request 'ssl.DeployCertificateInstance'", slog.Any("request", deployCertificateInstanceReq), slog.Any("response", deployCertificateInstanceResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'ssl.DeployCertificateInstance': %w", err)
-	}
-
-	return &deployer.DeployResult{}, nil
-}
-
-func createSdkClient(secretId, secretKey, region string) (*tcssl.Client, error) {
-	credential := common.NewCredential(secretId, secretKey)
-	client, err := tcssl.NewClient(credential, region, profile.NewClientProfile())
-	if err != nil {
-		return nil, err
-	}
-
-	return client, nil
-}

internal/pkg/core/deployer/providers/tencentcloud-ecdn/tencentcloud_ecdn.go

@@ -1,162 +0,0 @@
-package tencentcloudecdn
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-	"strings"
-
-	tccdn "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn/v20180606"
-	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
-	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
-	tcssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
-)
-
-type DeployerConfig struct {
-	// 腾讯云 SecretId。
-	SecretId string `json:"secretId"`
-	// 腾讯云 SecretKey。
-	SecretKey string `json:"secretKey"`
-	// 加速域名（支持泛域名）。
-	Domain string `json:"domain"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sdkClients  *wSdkClients
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-type wSdkClients struct {
-	SSL *tcssl.Client
-	CDN *tccdn.Client
-}
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	clients, err := createSdkClients(config.SecretId, config.SecretKey)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk clients: %w", err)
-	}
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		SecretId:  config.SecretId,
-		SecretKey: config.SecretKey,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sdkClients:  clients,
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	d.sslUploader.WithLogger(logger)
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return nil, fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	// 获取待部署的 CDN 实例
-	// 如果是泛域名，根据证书匹配 CDN 实例
-	instanceIds := make([]string, 0)
-	if strings.HasPrefix(d.config.Domain, "*.") {
-		domains, err := d.getDomainsByCertificateId(upres.CertId)
-		if err != nil {
-			return nil, err
-		}
-
-		instanceIds = domains
-	} else {
-		instanceIds = append(instanceIds, d.config.Domain)
-	}
-
-	if len(instanceIds) == 0 {
-		d.logger.Info("no ecdn instances to deploy")
-	} else {
-		d.logger.Info("found ecdn instances to deploy", slog.Any("instanceIds", instanceIds))
-
-		// 证书部署到 ECDN 实例
-		// REF: https://cloud.tencent.com/document/product/400/91667
-		deployCertificateInstanceReq := tcssl.NewDeployCertificateInstanceRequest()
-		deployCertificateInstanceReq.CertificateId = common.StringPtr(upres.CertId)
-		deployCertificateInstanceReq.ResourceType = common.StringPtr("cdn")
-		deployCertificateInstanceReq.Status = common.Int64Ptr(1)
-		deployCertificateInstanceReq.InstanceIdList = common.StringPtrs(instanceIds)
-		deployCertificateInstanceResp, err := d.sdkClients.SSL.DeployCertificateInstance(deployCertificateInstanceReq)
-		d.logger.Debug("sdk request 'ssl.DeployCertificateInstance'", slog.Any("request", deployCertificateInstanceReq), slog.Any("response", deployCertificateInstanceResp))
-		if err != nil {
-			return nil, fmt.Errorf("failed to execute sdk request 'ssl.DeployCertificateInstance': %w", err)
-		}
-	}
-
-	return &deployer.DeployResult{}, nil
-}
-
-func (d *DeployerProvider) getDomainsByCertificateId(cloudCertId string) ([]string, error) {
-	// 获取证书中的可用域名
-	// REF: https://cloud.tencent.com/document/product/228/42491
-	describeCertDomainsReq := tccdn.NewDescribeCertDomainsRequest()
-	describeCertDomainsReq.CertId = common.StringPtr(cloudCertId)
-	describeCertDomainsReq.Product = common.StringPtr("ecdn")
-	describeCertDomainsResp, err := d.sdkClients.CDN.DescribeCertDomains(describeCertDomainsReq)
-	d.logger.Debug("sdk request 'cdn.DescribeCertDomains'", slog.Any("request", describeCertDomainsReq), slog.Any("response", describeCertDomainsResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'cdn.DescribeCertDomains': %w", err)
-	}
-
-	domains := make([]string, 0)
-	if describeCertDomainsResp.Response.Domains != nil {
-		for _, domain := range describeCertDomainsResp.Response.Domains {
-			domains = append(domains, *domain)
-		}
-	}
-
-	return domains, nil
-}
-
-func createSdkClients(secretId, secretKey string) (*wSdkClients, error) {
-	credential := common.NewCredential(secretId, secretKey)
-
-	sslClient, err := tcssl.NewClient(credential, "", profile.NewClientProfile())
-	if err != nil {
-		return nil, err
-	}
-
-	cdnClient, err := tccdn.NewClient(credential, "", profile.NewClientProfile())
-	if err != nil {
-		return nil, err
-	}
-
-	return &wSdkClients{
-		SSL: sslClient,
-		CDN: cdnClient,
-	}, nil
-}

internal/pkg/core/deployer/providers/tencentcloud-ssl/tencentcloud_ssl.go

@@ -1,68 +0,0 @@
-package tencentcloudssl
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/tencentcloud-ssl"
-)
-
-type DeployerConfig struct {
-	// 腾讯云 SecretId。
-	SecretId string `json:"secretId"`
-	// 腾讯云 SecretKey。
-	SecretKey string `json:"secretKey"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		SecretId:  config.SecretId,
-		SecretKey: config.SecretKey,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	d.sslUploader.WithLogger(logger)
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 上传证书到 SSL
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return nil, fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	return &deployer.DeployResult{}, nil
-}

internal/pkg/core/deployer/providers/volcengine-certcenter/volcengine_certcenter.go

@@ -1,71 +0,0 @@
-package volcenginecertcenter
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-
-	"github.com/usual2970/certimate/internal/pkg/core/deployer"
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/volcengine-certcenter"
-)
-
-type DeployerConfig struct {
-	// 火山引擎 AccessKeyId。
-	AccessKeyId string `json:"accessKeyId"`
-	// 火山引擎 AccessKeySecret。
-	AccessKeySecret string `json:"accessKeySecret"`
-	// 火山引擎地域。
-	Region string `json:"region"`
-}
-
-type DeployerProvider struct {
-	config      *DeployerConfig
-	logger      *slog.Logger
-	sslUploader uploader.Uploader
-}
-
-var _ deployer.Deployer = (*DeployerProvider)(nil)
-
-func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
-		AccessKeyId:     config.AccessKeyId,
-		AccessKeySecret: config.AccessKeySecret,
-		Region:          config.Region,
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to create ssl uploader: %w", err)
-	}
-
-	return &DeployerProvider{
-		config:      config,
-		logger:      slog.Default(),
-		sslUploader: uploader,
-	}, nil
-}
-
-func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
-	if logger == nil {
-		d.logger = slog.Default()
-	} else {
-		d.logger = logger
-	}
-	d.sslUploader.WithLogger(logger)
-	return d
-}
-
-func (d *DeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*deployer.DeployResult, error) {
-	// 上传证书到证书中心
-	upres, err := d.sslUploader.Upload(ctx, certPEM, privkeyPEM)
-	if err != nil {
-		return nil, fmt.Errorf("failed to upload certificate file: %w", err)
-	} else {
-		d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
-	}
-
-	return &deployer.DeployResult{}, nil
-}

internal/pkg/core/notifier/providers/bark/bark.go

@@ -1,62 +0,0 @@
-package bark
-
-import (
-	"context"
-	"log/slog"
-
-	"github.com/nikoksr/notify"
-	"github.com/nikoksr/notify/service/bark"
-
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-)
-
-type NotifierConfig struct {
-	// Bark 服务地址。
-	// 零值时默认使用官方服务器。
-	ServerUrl string `json:"serverUrl"`
-	// Bark 设备密钥。
-	DeviceKey string `json:"deviceKey"`
-}
-
-type NotifierProvider struct {
-	config *NotifierConfig
-	logger *slog.Logger
-}
-
-var _ notifier.Notifier = (*NotifierProvider)(nil)
-
-func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &NotifierProvider{
-		config: config,
-		logger: slog.Default(),
-	}, nil
-}
-
-func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
-	if logger == nil {
-		n.logger = slog.Default()
-	} else {
-		n.logger = logger
-	}
-	return n
-}
-
-func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	var srv notify.Notifier
-	if n.config.ServerUrl == "" {
-		srv = bark.New(n.config.DeviceKey)
-	} else {
-		srv = bark.NewWithServers(n.config.DeviceKey, n.config.ServerUrl)
-	}
-
-	err = srv.Send(ctx, subject, message)
-	if err != nil {
-		return nil, err
-	}
-
-	return &notifier.NotifyResult{}, nil
-}

internal/pkg/core/notifier/providers/dingtalk/dingtalk.go

@@ -1,65 +0,0 @@
-package dingtalk
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-	"net/url"
-
-	"github.com/nikoksr/notify/service/dingding"
-
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-)
-
-type NotifierConfig struct {
-	// 钉钉机器人的 Webhook 地址。
-	WebhookUrl string `json:"webhookUrl"`
-	// 钉钉机器人的 Secret。
-	Secret string `json:"secret"`
-}
-
-type NotifierProvider struct {
-	config *NotifierConfig
-	logger *slog.Logger
-}
-
-var _ notifier.Notifier = (*NotifierProvider)(nil)
-
-func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &NotifierProvider{
-		config: config,
-		logger: slog.Default(),
-	}, nil
-}
-
-func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
-	if logger == nil {
-		n.logger = slog.Default()
-	} else {
-		n.logger = logger
-	}
-	return n
-}
-
-func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	webhookUrl, err := url.Parse(n.config.WebhookUrl)
-	if err != nil {
-		return nil, fmt.Errorf("invalid webhook url: %w", err)
-	}
-
-	srv := dingding.New(&dingding.Config{
-		Token:  webhookUrl.Query().Get("access_token"),
-		Secret: n.config.Secret,
-	})
-
-	err = srv.Send(ctx, subject, message)
-	if err != nil {
-		return nil, err
-	}
-
-	return &notifier.NotifyResult{}, nil
-}

internal/pkg/core/notifier/providers/gotify/gotify.go

@@ -1,96 +0,0 @@
-package gotify
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"fmt"
-	"io"
-	"log/slog"
-	"net/http"
-
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-)
-
-type NotifierConfig struct {
-	// Gotify 服务地址。
-	Url string `json:"url"`
-	// Gotify Token。
-	Token string `json:"token"`
-	// Gotify 消息优先级。
-	Priority int64 `json:"priority,omitempty"`
-}
-
-type NotifierProvider struct {
-	config     *NotifierConfig
-	logger     *slog.Logger
-	httpClient *http.Client
-}
-
-var _ notifier.Notifier = (*NotifierProvider)(nil)
-
-func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &NotifierProvider{
-		config:     config,
-		logger:     slog.Default(),
-		httpClient: http.DefaultClient,
-	}, nil
-}
-
-func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
-	if logger == nil {
-		n.logger = slog.Default()
-	} else {
-		n.logger = logger
-	}
-	return n
-}
-
-func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	reqBody := &struct {
-		Title    string `json:"title"`
-		Message  string `json:"message"`
-		Priority int64  `json:"priority"`
-	}{
-		Title:    subject,
-		Message:  message,
-		Priority: n.config.Priority,
-	}
-
-	body, err := json.Marshal(reqBody)
-	if err != nil {
-		return nil, fmt.Errorf("gotify api error: failed to encode message body: %w", err)
-	}
-
-	req, err := http.NewRequestWithContext(
-		ctx,
-		http.MethodPost,
-		fmt.Sprintf("%s/message", n.config.Url),
-		bytes.NewReader(body),
-	)
-	if err != nil {
-		return nil, fmt.Errorf("gotify api error: failed to create new request: %w", err)
-	}
-
-	req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", n.config.Token))
-	req.Header.Set("Content-Type", "application/json; charset=utf-8")
-
-	resp, err := n.httpClient.Do(req)
-	if err != nil {
-		return nil, fmt.Errorf("gotify api error: failed to send request: %w", err)
-	}
-	defer resp.Body.Close()
-
-	result, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return nil, fmt.Errorf("gotify api error: failed to read response: %w", err)
-	} else if resp.StatusCode != http.StatusOK {
-		return nil, fmt.Errorf("gotify api error: unexpected status code: %d, resp: %s", resp.StatusCode, string(result))
-	}
-
-	return &notifier.NotifyResult{}, nil
-}

internal/pkg/core/notifier/providers/lark/lark.go

@@ -1,53 +0,0 @@
-package lark
-
-import (
-	"context"
-	"log/slog"
-
-	"github.com/nikoksr/notify/service/lark"
-
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-)
-
-type NotifierConfig struct {
-	// 飞书机器人 Webhook 地址。
-	WebhookUrl string `json:"webhookUrl"`
-}
-
-type NotifierProvider struct {
-	config *NotifierConfig
-	logger *slog.Logger
-}
-
-var _ notifier.Notifier = (*NotifierProvider)(nil)
-
-func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &NotifierProvider{
-		config: config,
-		logger: slog.Default(),
-	}, nil
-}
-
-func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
-	if logger == nil {
-		n.logger = slog.Default()
-	} else {
-		n.logger = logger
-	}
-	return n
-}
-
-func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	srv := lark.NewWebhookService(n.config.WebhookUrl)
-
-	err = srv.Send(ctx, subject, message)
-	if err != nil {
-		return nil, err
-	}
-
-	return &notifier.NotifyResult{}, nil
-}

internal/pkg/core/notifier/providers/mattermost/mattermost.go

@@ -1,92 +0,0 @@
-package mattermost
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"io"
-	"log/slog"
-	"net/http"
-	"strings"
-
-	"github.com/nikoksr/notify/service/mattermost"
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-)
-
-type NotifierConfig struct {
-	// 服务地址。
-	ServerUrl string `json:"serverUrl"`
-	// 用户名。
-	Username string `json:"username"`
-	// 密码。
-	Password string `json:"password"`
-	// 频道 ID。
-	ChannelId string `json:"channelId"`
-}
-
-type NotifierProvider struct {
-	config *NotifierConfig
-	logger *slog.Logger
-}
-
-var _ notifier.Notifier = (*NotifierProvider)(nil)
-
-func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &NotifierProvider{
-		config: config,
-		logger: slog.Default(),
-	}, nil
-}
-
-func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
-	if logger == nil {
-		n.logger = slog.Default()
-	} else {
-		n.logger = logger
-	}
-	return n
-}
-
-func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	srv := mattermost.New(strings.TrimRight(n.config.ServerUrl, "/"))
-
-	if err := srv.LoginWithCredentials(ctx, n.config.Username, n.config.Password); err != nil {
-		return nil, err
-	}
-
-	srv.AddReceivers(n.config.ChannelId)
-
-	// 复写消息样式
-	srv.PreSend(func(req *http.Request) error {
-		m := map[string]interface{}{
-			"channel_id": n.config.ChannelId,
-			"props": map[string]interface{}{
-				"attachments": []map[string]interface{}{
-					{
-						"title": subject,
-						"text":  message,
-					},
-				},
-			},
-		}
-
-		if body, err := json.Marshal(m); err != nil {
-			return err
-		} else {
-			req.ContentLength = int64(len(body))
-			req.Body = io.NopCloser(bytes.NewReader(body))
-		}
-
-		return nil
-	})
-
-	if err = srv.Send(ctx, subject, message); err != nil {
-		return nil, err
-	}
-
-	return &notifier.NotifyResult{}, nil
-}

internal/pkg/core/notifier/providers/pushover/pushover.go

@@ -1,96 +0,0 @@
-package pushover
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"fmt"
-	"io"
-	"log/slog"
-	"net/http"
-
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-)
-
-type NotifierConfig struct {
-	// Pushover API Token。
-	Token string `json:"token"`
-	// 用户或分组标识。
-	User string `json:"user"`
-}
-
-type NotifierProvider struct {
-	config     *NotifierConfig
-	logger     *slog.Logger
-	httpClient *http.Client
-}
-
-var _ notifier.Notifier = (*NotifierProvider)(nil)
-
-func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &NotifierProvider{
-		config:     config,
-		logger:     slog.Default(),
-		httpClient: http.DefaultClient,
-	}, nil
-}
-
-func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
-	if logger == nil {
-		n.logger = slog.Default()
-	} else {
-		n.logger = logger
-	}
-	return n
-}
-
-func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	// REF: https://pushover.net/api
-	reqBody := &struct {
-		Token   string `json:"token"`
-		User    string `json:"user"`
-		Title   string `json:"title"`
-		Message string `json:"message"`
-	}{
-		Token:   n.config.Token,
-		User:    n.config.User,
-		Title:   subject,
-		Message: message,
-	}
-
-	body, err := json.Marshal(reqBody)
-	if err != nil {
-		return nil, fmt.Errorf("pushover api error: failed to encode message body: %w", err)
-	}
-
-	req, err := http.NewRequestWithContext(
-		ctx,
-		http.MethodPost,
-		"https://api.pushover.net/1/messages.json",
-		bytes.NewReader(body),
-	)
-	if err != nil {
-		return nil, fmt.Errorf("pushover api error: failed to create new request: %w", err)
-	}
-
-	req.Header.Set("Content-Type", "application/json; charset=utf-8")
-
-	resp, err := n.httpClient.Do(req)
-	if err != nil {
-		return nil, fmt.Errorf("pushover api error: failed to send request: %w", err)
-	}
-	defer resp.Body.Close()
-
-	result, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return nil, fmt.Errorf("pushover api error: failed to read response: %w", err)
-	} else if resp.StatusCode != http.StatusOK {
-		return nil, fmt.Errorf("pushover api error: unexpected status code: %d, resp: %s", resp.StatusCode, string(result))
-	}
-
-	return &notifier.NotifyResult{}, nil
-}

internal/pkg/core/notifier/providers/pushplus/pushplus.go

@@ -1,102 +0,0 @@
-package pushplus
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"fmt"
-	"io"
-	"log/slog"
-	"net/http"
-
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-)
-
-type NotifierConfig struct {
-	// PushPlus Token。
-	Token string `json:"token"`
-}
-
-type NotifierProvider struct {
-	config     *NotifierConfig
-	logger     *slog.Logger
-	httpClient *http.Client
-}
-
-var _ notifier.Notifier = (*NotifierProvider)(nil)
-
-func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &NotifierProvider{
-		config:     config,
-		logger:     slog.Default(),
-		httpClient: http.DefaultClient,
-	}, nil
-}
-
-func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
-	if logger == nil {
-		n.logger = slog.Default()
-	} else {
-		n.logger = logger
-	}
-	return n
-}
-
-func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	// REF: https://pushplus.plus/doc/guide/api.html
-	reqBody := &struct {
-		Token   string `json:"token"`
-		Title   string `json:"title"`
-		Content string `json:"content"`
-	}{
-		Token:   n.config.Token,
-		Title:   subject,
-		Content: message,
-	}
-
-	body, err := json.Marshal(reqBody)
-	if err != nil {
-		return nil, fmt.Errorf("pushplus api error: failed to encode message body: %w", err)
-	}
-
-	req, err := http.NewRequestWithContext(
-		ctx,
-		http.MethodPost,
-		"https://www.pushplus.plus/send",
-		bytes.NewReader(body),
-	)
-	if err != nil {
-		return nil, fmt.Errorf("pushplus api error: failed to create new request: %w", err)
-	}
-
-	req.Header.Set("Content-Type", "application/json; charset=utf-8")
-
-	resp, err := n.httpClient.Do(req)
-	if err != nil {
-		return nil, fmt.Errorf("pushplus api error: failed to send request: %w", err)
-	}
-	defer resp.Body.Close()
-
-	result, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return nil, fmt.Errorf("pushplus api error: failed to read response: %w", err)
-	} else if resp.StatusCode != http.StatusOK {
-		return nil, fmt.Errorf("pushplus api error: unexpected status code: %d, resp: %s", resp.StatusCode, string(result))
-	}
-
-	var errorResponse struct {
-		Code int    `json:"code"`
-		Msg  string `json:"msg"`
-	}
-	if err := json.Unmarshal(result, &errorResponse); err != nil {
-		return nil, fmt.Errorf("pushplus api error: failed to decode response: %w", err)
-	} else if errorResponse.Code != 200 {
-		return nil, fmt.Errorf("pushplus api error: unexpected response code: %d, msg: %s", errorResponse.Code, errorResponse.Msg)
-	}
-
-	return &notifier.NotifyResult{}, nil
-}

internal/pkg/core/notifier/providers/serverchan/serverchan.go

@@ -1,67 +0,0 @@
-package serverchan
-
-import (
-	"context"
-	"log/slog"
-	"net/http"
-
-	notifyHttp "github.com/nikoksr/notify/service/http"
-
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-)
-
-type NotifierConfig struct {
-	// ServerChan 服务地址。
-	Url string `json:"url"`
-}
-
-type NotifierProvider struct {
-	config *NotifierConfig
-	logger *slog.Logger
-}
-
-var _ notifier.Notifier = (*NotifierProvider)(nil)
-
-func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &NotifierProvider{
-		config: config,
-		logger: slog.Default(),
-	}, nil
-}
-
-func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
-	if logger == nil {
-		n.logger = slog.Default()
-	} else {
-		n.logger = logger
-	}
-	return n
-}
-
-func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	srv := notifyHttp.New()
-
-	srv.AddReceivers(&notifyHttp.Webhook{
-		URL:         n.config.Url,
-		Header:      http.Header{},
-		ContentType: "application/json",
-		Method:      http.MethodPost,
-		BuildPayload: func(subject, message string) (payload any) {
-			return map[string]string{
-				"text": subject,
-				"desp": message,
-			}
-		},
-	})
-
-	err = srv.Send(ctx, subject, message)
-	if err != nil {
-		return nil, err
-	}
-
-	return &notifier.NotifyResult{}, nil
-}

internal/pkg/core/notifier/providers/telegram/telegram.go

@@ -1,60 +0,0 @@
-package telegram
-
-import (
-	"context"
-	"log/slog"
-
-	"github.com/nikoksr/notify/service/telegram"
-
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-)
-
-type NotifierConfig struct {
-	// Telegram Bot API Token。
-	BotToken string `json:"botToken"`
-	// Telegram Chat ID。
-	ChatId int64 `json:"chatId"`
-}
-
-type NotifierProvider struct {
-	config *NotifierConfig
-	logger *slog.Logger
-}
-
-var _ notifier.Notifier = (*NotifierProvider)(nil)
-
-func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &NotifierProvider{
-		config: config,
-		logger: slog.Default(),
-	}, nil
-}
-
-func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
-	if logger == nil {
-		n.logger = slog.Default()
-	} else {
-		n.logger = logger
-	}
-	return n
-}
-
-func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	srv, err := telegram.New(n.config.BotToken)
-	if err != nil {
-		return nil, err
-	}
-
-	srv.AddReceivers(n.config.ChatId)
-
-	err = srv.Send(ctx, subject, message)
-	if err != nil {
-		return nil, err
-	}
-
-	return &notifier.NotifyResult{}, nil
-}

internal/pkg/core/notifier/providers/wecom/wecom.go

@@ -1,68 +0,0 @@
-package serverchan
-
-import (
-	"context"
-	"log/slog"
-	"net/http"
-
-	notifyHttp "github.com/nikoksr/notify/service/http"
-
-	"github.com/usual2970/certimate/internal/pkg/core/notifier"
-)
-
-type NotifierConfig struct {
-	// 企业微信机器人 Webhook 地址。
-	WebhookUrl string `json:"webhookUrl"`
-}
-
-type NotifierProvider struct {
-	config *NotifierConfig
-	logger *slog.Logger
-}
-
-var _ notifier.Notifier = (*NotifierProvider)(nil)
-
-func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	return &NotifierProvider{
-		config: config,
-	}, nil
-}
-
-func (n *NotifierProvider) WithLogger(logger *slog.Logger) notifier.Notifier {
-	if logger == nil {
-		n.logger = slog.Default()
-	} else {
-		n.logger = logger
-	}
-	return n
-}
-
-func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	srv := notifyHttp.New()
-
-	srv.AddReceivers(&notifyHttp.Webhook{
-		URL:         n.config.WebhookUrl,
-		Header:      http.Header{},
-		ContentType: "application/json",
-		Method:      http.MethodPost,
-		BuildPayload: func(subject, message string) (payload any) {
-			return map[string]any{
-				"msgtype": "text",
-				"text": map[string]string{
-					"content": subject + "\n\n" + message,
-				},
-			}
-		},
-	})
-
-	err = srv.Send(ctx, subject, message)
-	if err != nil {
-		return nil, err
-	}
-
-	return &notifier.NotifyResult{}, nil
-}

internal/pkg/core/uploader/providers/1panel-ssl/1panel_ssl.go

@@ -1,144 +0,0 @@
-package onepanelssl
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"log/slog"
-	"net/url"
-	"strings"
-	"time"
-
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	opsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel"
-)
-
-type UploaderConfig struct {
-	// 1Panel 地址。
-	ApiUrl string `json:"apiUrl"`
-	// 1Panel 接口密钥。
-	ApiKey string `json:"apiKey"`
-}
-
-type UploaderProvider struct {
-	config    *UploaderConfig
-	logger    *slog.Logger
-	sdkClient *opsdk.Client
-}
-
-var _ uploader.Uploader = (*UploaderProvider)(nil)
-
-func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.ApiUrl, config.ApiKey)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	return &UploaderProvider{
-		config:    config,
-		logger:    slog.Default(),
-		sdkClient: client,
-	}, nil
-}
-
-func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
-	if logger == nil {
-		u.logger = slog.Default()
-	} else {
-		u.logger = logger
-	}
-	return u
-}
-
-func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
-	// 遍历证书列表，避免重复上传
-	if res, err := u.getCertIfExists(ctx, certPEM, privkeyPEM); err != nil {
-		return nil, err
-	} else if res != nil {
-		u.logger.Info("ssl certificate already exists")
-		return res, nil
-	}
-
-	// 生成新证书名（需符合 1Panel 命名规则）
-	certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
-
-	// 上传证书
-	uploadWebsiteSSLReq := &opsdk.UploadWebsiteSSLRequest{
-		Type:        "paste",
-		Description: certName,
-		Certificate: certPEM,
-		PrivateKey:  privkeyPEM,
-	}
-	uploadWebsiteSSLResp, err := u.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq)
-	u.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request '1panel.UploadWebsiteSSL': %w", err)
-	}
-
-	// 遍历证书列表，获取刚刚上传证书 ID
-	if res, err := u.getCertIfExists(ctx, certPEM, privkeyPEM); err != nil {
-		return nil, err
-	} else if res == nil {
-		return nil, fmt.Errorf("no ssl certificate found, may be upload failed (code: %d, message: %s)", uploadWebsiteSSLResp.GetCode(), uploadWebsiteSSLResp.GetMessage())
-	} else {
-		return res, nil
-	}
-}
-
-func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
-	searchWebsiteSSLPageNumber := int32(1)
-	searchWebsiteSSLPageSize := int32(100)
-	for {
-		select {
-		case <-ctx.Done():
-			return nil, ctx.Err()
-		default:
-		}
-
-		searchWebsiteSSLReq := &opsdk.SearchWebsiteSSLRequest{
-			Page:     searchWebsiteSSLPageNumber,
-			PageSize: searchWebsiteSSLPageSize,
-		}
-		searchWebsiteSSLResp, err := u.sdkClient.SearchWebsiteSSL(searchWebsiteSSLReq)
-		u.logger.Debug("sdk request '1panel.SearchWebsiteSSL'", slog.Any("request", searchWebsiteSSLReq), slog.Any("response", searchWebsiteSSLResp))
-		if err != nil {
-			return nil, fmt.Errorf("failed to execute sdk request '1panel.SearchWebsiteSSL': %w", err)
-		}
-
-		for _, sslItem := range searchWebsiteSSLResp.Data.Items {
-			if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) &&
-				strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) {
-				// 如果已存在相同证书，直接返回
-				return &uploader.UploadResult{
-					CertId:   fmt.Sprintf("%d", sslItem.ID),
-					CertName: sslItem.Description,
-				}, nil
-			}
-		}
-
-		if len(searchWebsiteSSLResp.Data.Items) < int(searchWebsiteSSLPageSize) {
-			break
-		} else {
-			searchWebsiteSSLPageNumber++
-		}
-	}
-
-	return nil, nil
-}
-
-func createSdkClient(apiUrl, apiKey string) (*opsdk.Client, error) {
-	if _, err := url.Parse(apiUrl); err != nil {
-		return nil, errors.New("invalid 1panel api url")
-	}
-
-	if apiKey == "" {
-		return nil, errors.New("invalid 1panel api key")
-	}
-
-	client := opsdk.NewClient(apiUrl, apiKey)
-	return client, nil
-}

internal/pkg/core/uploader/providers/dogecloud/dogecloud.go

@@ -1,77 +0,0 @@
-package dogecloud
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-	"time"
-
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	dogesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dogecloud"
-)
-
-type UploaderConfig struct {
-	// 多吉云 AccessKey。
-	AccessKey string `json:"accessKey"`
-	// 多吉云 SecretKey。
-	SecretKey string `json:"secretKey"`
-}
-
-type UploaderProvider struct {
-	config    *UploaderConfig
-	logger    *slog.Logger
-	sdkClient *dogesdk.Client
-}
-
-var _ uploader.Uploader = (*UploaderProvider)(nil)
-
-func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.AccessKey, config.SecretKey)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	return &UploaderProvider{
-		config:    config,
-		logger:    slog.Default(),
-		sdkClient: client,
-	}, nil
-}
-
-func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
-	if logger == nil {
-		u.logger = slog.Default()
-	} else {
-		u.logger = logger
-	}
-	return u
-}
-
-func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
-	// 生成新证书名（需符合多吉云命名规则）
-	var certId, certName string
-	certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
-
-	// 上传新证书
-	// REF: https://docs.dogecloud.com/cdn/api-cert-upload
-	uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certPEM, privkeyPEM)
-	u.logger.Debug("sdk request 'cdn.UploadCdnCert'", slog.Any("response", uploadSslCertResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadCdnCert': %w", err)
-	}
-
-	certId = fmt.Sprintf("%d", uploadSslCertResp.Data.Id)
-	return &uploader.UploadResult{
-		CertId:   certId,
-		CertName: certName,
-	}, nil
-}
-
-func createSdkClient(accessKey, secretKey string) (*dogesdk.Client, error) {
-	client := dogesdk.NewClient(accessKey, secretKey)
-	return client, nil
-}

internal/pkg/core/uploader/providers/gcore-cdn/gcore_cdn.go

@@ -1,95 +0,0 @@
-package gcorecdn
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"log/slog"
-	"time"
-
-	"github.com/G-Core/gcorelabscdn-go/gcore/provider"
-	"github.com/G-Core/gcorelabscdn-go/sslcerts"
-
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	gcoresdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gcore/common"
-)
-
-type UploaderConfig struct {
-	// Gcore API Token。
-	ApiToken string `json:"apiToken"`
-}
-
-type UploaderProvider struct {
-	config    *UploaderConfig
-	logger    *slog.Logger
-	sdkClient *sslcerts.Service
-}
-
-var _ uploader.Uploader = (*UploaderProvider)(nil)
-
-func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.ApiToken)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	return &UploaderProvider{
-		config:    config,
-		logger:    slog.Default(),
-		sdkClient: client,
-	}, nil
-}
-
-func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
-	if logger == nil {
-		u.logger = slog.Default()
-	} else {
-		u.logger = logger
-	}
-	return u
-}
-
-func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
-	// 生成新证书名（需符合 Gcore 命名规则）
-	var certId, certName string
-	certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli())
-
-	// 新增证书
-	// REF: https://api.gcore.com/docs/cdn#tag/SSL-certificates/operation/add_ssl_certificates
-	createCertificateReq := &sslcerts.CreateRequest{
-		Name:           certName,
-		Cert:           certPEM,
-		PrivateKey:     privkeyPEM,
-		Automated:      false,
-		ValidateRootCA: false,
-	}
-	createCertificateResp, err := u.sdkClient.Create(context.TODO(), createCertificateReq)
-	u.logger.Debug("sdk request 'sslcerts.Create'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'sslcerts.Create': %w", err)
-	}
-
-	certId = fmt.Sprintf("%d", createCertificateResp.ID)
-	certName = createCertificateResp.Name
-	return &uploader.UploadResult{
-		CertId:   certId,
-		CertName: certName,
-	}, nil
-}
-
-func createSdkClient(apiToken string) (*sslcerts.Service, error) {
-	if apiToken == "" {
-		return nil, errors.New("invalid gcore api token")
-	}
-
-	requester := provider.NewClient(
-		gcoresdk.BASE_URL,
-		provider.WithSigner(gcoresdk.NewAuthRequestSigner(apiToken)),
-	)
-	service := sslcerts.NewService(requester)
-	return service, nil
-}

internal/pkg/core/uploader/providers/qiniu-sslcert/qiniu_sslcert.go

@@ -1,96 +0,0 @@
-package qiniusslcert
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"log/slog"
-	"time"
-
-	"github.com/qiniu/go-sdk/v7/auth"
-
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	qiniusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/qiniu"
-	certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
-)
-
-type UploaderConfig struct {
-	// 七牛云 AccessKey。
-	AccessKey string `json:"accessKey"`
-	// 七牛云 SecretKey。
-	SecretKey string `json:"secretKey"`
-}
-
-type UploaderProvider struct {
-	config    *UploaderConfig
-	logger    *slog.Logger
-	sdkClient *qiniusdk.Client
-}
-
-var _ uploader.Uploader = (*UploaderProvider)(nil)
-
-func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.AccessKey, config.SecretKey)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	return &UploaderProvider{
-		config:    config,
-		logger:    slog.Default(),
-		sdkClient: client,
-	}, nil
-}
-
-func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
-	if logger == nil {
-		u.logger = slog.Default()
-	} else {
-		u.logger = logger
-	}
-	return u
-}
-
-func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
-	// 解析证书内容
-	certX509, err := certutil.ParseCertificateFromPEM(certPEM)
-	if err != nil {
-		return nil, err
-	}
-
-	// 生成新证书名（需符合七牛云命名规则）
-	var certId, certName string
-	certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
-
-	// 上传新证书
-	// REF: https://developer.qiniu.com/fusion/8593/interface-related-certificate
-	uploadSslCertResp, err := u.sdkClient.UploadSslCert(context.TODO(), certName, certX509.Subject.CommonName, certPEM, privkeyPEM)
-	u.logger.Debug("sdk request 'cdn.UploadSslCert'", slog.Any("response", uploadSslCertResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'cdn.UploadSslCert': %w", err)
-	}
-
-	certId = uploadSslCertResp.CertID
-	return &uploader.UploadResult{
-		CertId:   certId,
-		CertName: certName,
-	}, nil
-}
-
-func createSdkClient(accessKey, secretKey string) (*qiniusdk.Client, error) {
-	if secretKey == "" {
-		return nil, errors.New("invalid qiniu access key")
-	}
-
-	if secretKey == "" {
-		return nil, errors.New("invalid qiniu secret key")
-	}
-
-	credential := auth.New(accessKey, secretKey)
-	client := qiniusdk.NewClient(credential)
-	return client, nil
-}

internal/pkg/core/uploader/providers/upyun-ssl/upyun_ssl.go

@@ -1,82 +0,0 @@
-package upyunssl
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"log/slog"
-
-	"github.com/usual2970/certimate/internal/pkg/core/uploader"
-	upyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/upyun/console"
-)
-
-type UploaderConfig struct {
-	// 又拍云账号用户名。
-	Username string `json:"username"`
-	// 又拍云账号密码。
-	Password string `json:"password"`
-}
-
-type UploaderProvider struct {
-	config    *UploaderConfig
-	logger    *slog.Logger
-	sdkClient *upyunsdk.Client
-}
-
-var _ uploader.Uploader = (*UploaderProvider)(nil)
-
-func NewUploader(config *UploaderConfig) (*UploaderProvider, error) {
-	if config == nil {
-		panic("config is nil")
-	}
-
-	client, err := createSdkClient(config.Username, config.Password)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create sdk client: %w", err)
-	}
-
-	return &UploaderProvider{
-		config:    config,
-		logger:    slog.Default(),
-		sdkClient: client,
-	}, nil
-}
-
-func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
-	if logger == nil {
-		u.logger = slog.Default()
-	} else {
-		u.logger = logger
-	}
-	return u
-}
-
-func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
-	// 上传证书
-	uploadHttpsCertificateReq := &upyunsdk.UploadHttpsCertificateRequest{
-		Certificate: certPEM,
-		PrivateKey:  privkeyPEM,
-	}
-	uploadHttpsCertificateResp, err := u.sdkClient.UploadHttpsCertificate(uploadHttpsCertificateReq)
-	u.logger.Debug("sdk request 'console.UploadHttpsCertificate'", slog.Any("response", uploadHttpsCertificateResp))
-	if err != nil {
-		return nil, fmt.Errorf("failed to execute sdk request 'console.UploadHttpsCertificate': %w", err)
-	}
-
-	return &uploader.UploadResult{
-		CertId: uploadHttpsCertificateResp.Data.Result.CertificateId,
-	}, nil
-}
-
-func createSdkClient(username, password string) (*upyunsdk.Client, error) {
-	if username == "" {
-		return nil, errors.New("invalid upyun username")
-	}
-
-	if password == "" {
-		return nil, errors.New("invalid upyun password")
-	}
-
-	client := upyunsdk.NewClient(username, password)
-	return client, nil
-}

internal/pkg/core/uploader/uploader.go

@@ -1,32 +0,0 @@
-package uploader
-
-import (
-	"context"
-	"log/slog"
-)
-
-// 表示定义证书上传器的抽象类型接口。
-// 云服务商通常会提供 SSL 证书管理服务，可供用户集中管理证书。
-// 注意与 `Deployer` 区分，“上传”通常为“部署”的前置操作。
-type Uploader interface {
-	WithLogger(logger *slog.Logger) Uploader
-
-	// 上传证书。
-	//
-	// 入参：
-	//   - ctx：上下文。
-	//   - certPEM：证书 PEM 内容。
-	//   - privkeyPEM：私钥 PEM 内容。
-	//
-	// 出参：
-	//   - res：上传结果。
-	//   - err: 错误。
-	Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *UploadResult, err error)
-}
-
-// 表示证书上传结果的数据结构，包含上传后的证书 ID、名称和其他数据。
-type UploadResult struct {
-	CertId       string         `json:"certId"`
-	CertName     string         `json:"certName,omitzero"`
-	ExtendedData map[string]any `json:"extendedData,omitempty"`
-}

internal/pkg/sdk3rd/1panel/api.go

@@ -1,54 +0,0 @@
-package onepanel
-
-import (
-	"fmt"
-	"net/http"
-)
-
-func (c *Client) UpdateSystemSSL(req *UpdateSystemSSLRequest) (*UpdateSystemSSLResponse, error) {
-	resp := &UpdateSystemSSLResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, "/settings/ssl/update", req, resp)
-	return resp, err
-}
-
-func (c *Client) SearchWebsiteSSL(req *SearchWebsiteSSLRequest) (*SearchWebsiteSSLResponse, error) {
-	resp := &SearchWebsiteSSLResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, "/websites/ssl/search", req, resp)
-	return resp, err
-}
-
-func (c *Client) GetWebsiteSSL(req *GetWebsiteSSLRequest) (*GetWebsiteSSLResponse, error) {
-	if req.SSLID == 0 {
-		return nil, fmt.Errorf("1panel api error: invalid parameter: SSLID")
-	}
-
-	resp := &GetWebsiteSSLResponse{}
-	err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/websites/ssl/%d", req.SSLID), req, resp)
-	return resp, err
-}
-
-func (c *Client) UploadWebsiteSSL(req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) {
-	resp := &UploadWebsiteSSLResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, "/websites/ssl/upload", req, resp)
-	return resp, err
-}
-
-func (c *Client) GetHttpsConf(req *GetHttpsConfRequest) (*GetHttpsConfResponse, error) {
-	if req.WebsiteID == 0 {
-		return nil, fmt.Errorf("1panel api error: invalid parameter: WebsiteID")
-	}
-
-	resp := &GetHttpsConfResponse{}
-	err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/websites/%d/https", req.WebsiteID), req, resp)
-	return resp, err
-}
-
-func (c *Client) UpdateHttpsConf(req *UpdateHttpsConfRequest) (*UpdateHttpsConfResponse, error) {
-	if req.WebsiteID == 0 {
-		return nil, fmt.Errorf("1panel api error: invalid parameter: WebsiteID")
-	}
-
-	resp := &UpdateHttpsConfResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, fmt.Sprintf("/websites/%d/https", req.WebsiteID), req, resp)
-	return resp, err
-}

internal/pkg/sdk3rd/1panel/client.go

@@ -1,104 +0,0 @@
-package onepanel
-
-import (
-	"crypto/md5"
-	"crypto/tls"
-	"encoding/hex"
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-)
-
-type Client struct {
-	apiHost string
-	apiKey  string
-
-	client *resty.Client
-}
-
-func NewClient(apiHost, apiKey string) *Client {
-	client := resty.New()
-
-	return &Client{
-		apiHost: strings.TrimRight(apiHost, "/"),
-		apiKey:  apiKey,
-		client:  client,
-	}
-}
-
-func (c *Client) WithTimeout(timeout time.Duration) *Client {
-	c.client.SetTimeout(timeout)
-	return c
-}
-
-func (c *Client) WithTLSConfig(config *tls.Config) *Client {
-	c.client.SetTLSClientConfig(config)
-	return c
-}
-
-func (c *Client) generateToken(timestamp string) string {
-	tokenMd5 := md5.Sum([]byte("1panel" + c.apiKey + timestamp))
-	tokenMd5Hex := hex.EncodeToString(tokenMd5[:])
-	return tokenMd5Hex
-}
-
-func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) {
-	req := c.client.R()
-	req.Method = method
-	req.URL = c.apiHost + "/api/v1" + path
-	if strings.EqualFold(method, http.MethodGet) {
-		qs := make(map[string]string)
-		if params != nil {
-			temp := make(map[string]any)
-			jsonb, _ := json.Marshal(params)
-			json.Unmarshal(jsonb, &temp)
-			for k, v := range temp {
-				if v != nil {
-					qs[k] = fmt.Sprintf("%v", v)
-				}
-			}
-		}
-
-		req = req.SetQueryParams(qs)
-	} else {
-		req = req.
-			SetHeader("Content-Type", "application/json").
-			SetBody(params)
-	}
-
-	timestamp := fmt.Sprintf("%d", time.Now().Unix())
-	token := c.generateToken(timestamp)
-	req.SetHeader("1Panel-Timestamp", timestamp)
-	req.SetHeader("1Panel-Token", token)
-
-	resp, err := req.Send()
-	if err != nil {
-		return resp, fmt.Errorf("1panel api error: failed to send request: %w", err)
-	} else if resp.IsError() {
-		return resp, fmt.Errorf("1panel api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body())
-	}
-
-	return resp, nil
-}
-
-func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
-	resp, err := c.sendRequest(method, path, params)
-	if err != nil {
-		if resp != nil {
-			json.Unmarshal(resp.Body(), &result)
-		}
-		return err
-	}
-
-	if err := json.Unmarshal(resp.Body(), &result); err != nil {
-		return fmt.Errorf("1panel api error: failed to parse response: %w", err)
-	} else if errcode := result.GetCode(); errcode/100 != 2 {
-		return fmt.Errorf("1panel api error: code='%d', message='%s'", errcode, result.GetMessage())
-	}
-
-	return nil
-}

internal/pkg/sdk3rd/1panel/models.go

@@ -1,131 +0,0 @@
-package onepanel
-
-type BaseResponse interface {
-	GetCode() int32
-	GetMessage() string
-}
-
-type baseResponse struct {
-	Code    *int32  `json:"code,omitempty"`
-	Message *string `json:"message,omitempty"`
-}
-
-func (r *baseResponse) GetCode() int32 {
-	if r.Code != nil {
-		return *r.Code
-	}
-	return 0
-}
-
-func (r *baseResponse) GetMessage() string {
-	if r.Message != nil {
-		return *r.Message
-	}
-	return ""
-}
-
-type UpdateSystemSSLRequest struct {
-	Cert        string `json:"cert"`
-	Key         string `json:"key"`
-	SSLType     string `json:"sslType"`
-	SSL         string `json:"ssl"`
-	SSLID       int64  `json:"sslID"`
-	AutoRestart string `json:"autoRestart"`
-}
-
-type UpdateSystemSSLResponse struct {
-	baseResponse
-}
-
-type SearchWebsiteSSLRequest struct {
-	Page     int32 `json:"page"`
-	PageSize int32 `json:"pageSize"`
-}
-
-type SearchWebsiteSSLResponse struct {
-	baseResponse
-	Data *struct {
-		Items []*struct {
-			ID          int64  `json:"id"`
-			PEM         string `json:"pem"`
-			PrivateKey  string `json:"privateKey"`
-			Domains     string `json:"domains"`
-			Description string `json:"description"`
-			Status      string `json:"status"`
-			UpdatedAt   string `json:"updatedAt"`
-			CreatedAt   string `json:"createdAt"`
-		} `json:"items"`
-		Total int32 `json:"total"`
-	} `json:"data,omitempty"`
-}
-
-type GetWebsiteSSLRequest struct {
-	SSLID int64 `json:"-"`
-}
-
-type GetWebsiteSSLResponse struct {
-	baseResponse
-	Data *struct {
-		ID            int64  `json:"id"`
-		Provider      string `json:"provider"`
-		Description   string `json:"description"`
-		PrimaryDomain string `json:"primaryDomain"`
-		Domains       string `json:"domains"`
-		Type          string `json:"type"`
-		Organization  string `json:"organization"`
-		Status        string `json:"status"`
-		StartDate     string `json:"startDate"`
-		ExpireDate    string `json:"expireDate"`
-		CreatedAt     string `json:"createdAt"`
-		UpdatedAt     string `json:"updatedAt"`
-	} `json:"data,omitempty"`
-}
-
-type UploadWebsiteSSLRequest struct {
-	Type            string `json:"type"`
-	SSLID           int64  `json:"sslID"`
-	Certificate     string `json:"certificate"`
-	CertificatePath string `json:"certificatePath"`
-	PrivateKey      string `json:"privateKey"`
-	PrivateKeyPath  string `json:"privateKeyPath"`
-	Description     string `json:"description"`
-}
-
-type UploadWebsiteSSLResponse struct {
-	baseResponse
-}
-
-type GetHttpsConfRequest struct {
-	WebsiteID int64 `json:"-"`
-}
-
-type GetHttpsConfResponse struct {
-	baseResponse
-	Data *struct {
-		Enable      bool     `json:"enable"`
-		HttpConfig  string   `json:"httpConfig"`
-		SSLProtocol []string `json:"SSLProtocol"`
-		Algorithm   string   `json:"algorithm"`
-		Hsts        bool     `json:"hsts"`
-	} `json:"data,omitempty"`
-}
-
-type UpdateHttpsConfRequest struct {
-	WebsiteID       int64    `json:"websiteId"`
-	Enable          bool     `json:"enable"`
-	Type            string   `json:"type"`
-	WebsiteSSLID    int64    `json:"websiteSSLId"`
-	PrivateKey      string   `json:"privateKey"`
-	Certificate     string   `json:"certificate"`
-	PrivateKeyPath  string   `json:"privateKeyPath"`
-	CertificatePath string   `json:"certificatePath"`
-	ImportType      string   `json:"importType"`
-	HttpConfig      string   `json:"httpConfig"`
-	SSLProtocol     []string `json:"SSLProtocol"`
-	Algorithm       string   `json:"algorithm"`
-	Hsts            bool     `json:"hsts"`
-}
-
-type UpdateHttpsConfResponse struct {
-	baseResponse
-}

internal/pkg/sdk3rd/baishan/api.go

@@ -1,23 +0,0 @@
-package baishan
-
-import (
-	"net/http"
-)
-
-func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) {
-	resp := &CreateCertificateResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, "/v2/domain/certificate", req, resp)
-	return resp, err
-}
-
-func (c *Client) GetDomainConfig(req *GetDomainConfigRequest) (*GetDomainConfigResponse, error) {
-	resp := &GetDomainConfigResponse{}
-	err := c.sendRequestWithResult(http.MethodGet, "/v2/domain/config", req, resp)
-	return resp, err
-}
-
-func (c *Client) SetDomainConfig(req *SetDomainConfigRequest) (*SetDomainConfigResponse, error) {
-	resp := &SetDomainConfigResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, "/v2/domain/config", req, resp)
-	return resp, err
-}

internal/pkg/sdk3rd/baishan/client.go

@@ -1,100 +0,0 @@
-package baishan
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"net/url"
-	"reflect"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-)
-
-type Client struct {
-	apiToken string
-
-	client *resty.Client
-}
-
-func NewClient(apiToken string) *Client {
-	client := resty.New()
-
-	return &Client{
-		apiToken: apiToken,
-		client:   client,
-	}
-}
-
-func (c *Client) WithTimeout(timeout time.Duration) *Client {
-	c.client.SetTimeout(timeout)
-	return c
-}
-
-func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) {
-	req := c.client.R()
-	req.Method = method
-	req.URL = "https://cdn.api.baishan.com" + path
-	if strings.EqualFold(method, http.MethodGet) {
-		qs := url.Values{}
-		if params != nil {
-			temp := make(map[string]any)
-			jsonb, _ := json.Marshal(params)
-			json.Unmarshal(jsonb, &temp)
-			for k, v := range temp {
-				if v != nil {
-					rv := reflect.ValueOf(v)
-					switch rv.Kind() {
-					case reflect.Slice, reflect.Array:
-						for i := 0; i < rv.Len(); i++ {
-							qs.Add(fmt.Sprintf("%s[]", k), fmt.Sprintf("%v", rv.Index(i).Interface()))
-						}
-					case reflect.Map:
-						for _, rk := range rv.MapKeys() {
-							qs.Add(fmt.Sprintf("%s[%s]", k, rk.Interface()), fmt.Sprintf("%v", rv.MapIndex(rk).Interface()))
-						}
-					default:
-						qs.Set(k, fmt.Sprintf("%v", v))
-					}
-				}
-			}
-		}
-
-		req = req.
-			SetQueryParam("token", c.apiToken).
-			SetQueryParamsFromValues(qs)
-	} else {
-		req = req.
-			SetHeader("Content-Type", "application/json").
-			SetQueryParam("token", c.apiToken).
-			SetBody(params)
-	}
-
-	resp, err := req.Send()
-	if err != nil {
-		return resp, fmt.Errorf("baishan api error: failed to send request: %w", err)
-	} else if resp.IsError() {
-		return resp, fmt.Errorf("baishan api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body())
-	}
-
-	return resp, nil
-}
-
-func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
-	resp, err := c.sendRequest(method, path, params)
-	if err != nil {
-		if resp != nil {
-			json.Unmarshal(resp.Body(), &result)
-		}
-		return err
-	}
-
-	if err := json.Unmarshal(resp.Body(), &result); err != nil {
-		return fmt.Errorf("baishan api error: failed to parse response: %w", err)
-	} else if errcode := result.GetCode(); errcode != 0 {
-		return fmt.Errorf("baishan api error: code='%d', message='%s'", errcode, result.GetMessage())
-	}
-
-	return nil
-}

internal/pkg/sdk3rd/baishan/models.go

@@ -1,82 +0,0 @@
-package baishan
-
-import "encoding/json"
-
-type BaseResponse interface {
-	GetCode() int32
-	GetMessage() string
-}
-
-type baseResponse struct {
-	Code    *int32  `json:"code,omitempty"`
-	Message *string `json:"message,omitempty"`
-}
-
-func (r *baseResponse) GetCode() int32 {
-	if r.Code != nil {
-		return *r.Code
-	}
-	return 0
-}
-
-func (r *baseResponse) GetMessage() string {
-	if r.Message != nil {
-		return *r.Message
-	}
-	return ""
-}
-
-type CreateCertificateRequest struct {
-	CertificateId *string `json:"cert_id,omitempty"`
-	Certificate   string  `json:"certificate"`
-	Key           string  `json:"key"`
-	Name          string  `json:"name"`
-}
-
-type CreateCertificateResponse struct {
-	baseResponse
-	Data *DomainCertificate `json:"data,omitempty"`
-}
-
-type GetDomainConfigRequest struct {
-	Domains string   `json:"domains"`
-	Config  []string `json:"config"`
-}
-
-type GetDomainConfigResponse struct {
-	baseResponse
-	Data []*struct {
-		Domain string        `json:"domain"`
-		Config *DomainConfig `json:"config"`
-	} `json:"data,omitempty"`
-}
-
-type SetDomainConfigRequest struct {
-	Domains string        `json:"domains"`
-	Config  *DomainConfig `json:"config"`
-}
-
-type SetDomainConfigResponse struct {
-	baseResponse
-	Data *struct {
-		Config *DomainConfig `json:"config"`
-	} `json:"data,omitempty"`
-}
-
-type DomainCertificate struct {
-	CertId         json.Number `json:"cert_id"`
-	Name           string      `json:"name"`
-	CertStartTime  string      `json:"cert_start_time"`
-	CertExpireTime string      `json:"cert_expire_time"`
-}
-
-type DomainConfig struct {
-	Https *DomainConfigHttps `json:"https"`
-}
-
-type DomainConfigHttps struct {
-	CertId      json.Number `json:"cert_id"`
-	ForceHttps  *string     `json:"force_https,omitempty"`
-	EnableHttp2 *string     `json:"http2,omitempty"`
-	EnableOcsp  *string     `json:"ocsp,omitempty"`
-}

internal/pkg/sdk3rd/btpanel/api.go

@@ -1,31 +0,0 @@
-package btpanel
-
-func (c *Client) ConfigSavePanelSSL(req *ConfigSavePanelSSLRequest) (*ConfigSavePanelSSLResponse, error) {
-	resp := &ConfigSavePanelSSLResponse{}
-	err := c.sendRequestWithResult("/config?action=SavePanelSSL", req, resp)
-	return resp, err
-}
-
-func (c *Client) SiteSetSSL(req *SiteSetSSLRequest) (*SiteSetSSLResponse, error) {
-	resp := &SiteSetSSLResponse{}
-	err := c.sendRequestWithResult("/site?action=SetSSL", req, resp)
-	return resp, err
-}
-
-func (c *Client) SystemServiceAdmin(req *SystemServiceAdminRequest) (*SystemServiceAdminResponse, error) {
-	resp := &SystemServiceAdminResponse{}
-	err := c.sendRequestWithResult("/system?action=ServiceAdmin", req, resp)
-	return resp, err
-}
-
-func (c *Client) SSLCertSaveCert(req *SSLCertSaveCertRequest) (*SSLCertSaveCertResponse, error) {
-	resp := &SSLCertSaveCertResponse{}
-	err := c.sendRequestWithResult("/ssl/cert/save_cert", req, resp)
-	return resp, err
-}
-
-func (c *Client) SSLSetBatchCertToSite(req *SSLSetBatchCertToSiteRequest) (*SSLSetBatchCertToSiteResponse, error) {
-	resp := &SSLSetBatchCertToSiteResponse{}
-	err := c.sendRequestWithResult("/ssl?action=SetBatchCertToSite", req, resp)
-	return resp, err
-}

internal/pkg/sdk3rd/btpanel/client.go

@@ -1,112 +0,0 @@
-package btpanel
-
-import (
-	"crypto/md5"
-	"crypto/tls"
-	"encoding/hex"
-	"encoding/json"
-	"fmt"
-	"reflect"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-)
-
-type Client struct {
-	apiHost string
-	apiKey  string
-
-	client *resty.Client
-}
-
-func NewClient(apiHost, apiKey string) *Client {
-	client := resty.New()
-
-	return &Client{
-		apiHost: strings.TrimRight(apiHost, "/"),
-		apiKey:  apiKey,
-		client:  client,
-	}
-}
-
-func (c *Client) WithTimeout(timeout time.Duration) *Client {
-	c.client.SetTimeout(timeout)
-	return c
-}
-
-func (c *Client) WithTLSConfig(config *tls.Config) *Client {
-	c.client.SetTLSClientConfig(config)
-	return c
-}
-
-func (c *Client) generateSignature(timestamp string) string {
-	keyMd5 := md5.Sum([]byte(c.apiKey))
-	keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:]))
-
-	signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex))
-	signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:]))
-	return signMd5Hex
-}
-
-func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) {
-	timestamp := time.Now().Unix()
-
-	data := make(map[string]string)
-	if params != nil {
-		temp := make(map[string]any)
-		jsonb, _ := json.Marshal(params)
-		json.Unmarshal(jsonb, &temp)
-		for k, v := range temp {
-			if v != nil {
-				switch reflect.Indirect(reflect.ValueOf(v)).Kind() {
-				case reflect.String:
-					data[k] = v.(string)
-				case reflect.Bool, reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Float32, reflect.Float64:
-					data[k] = fmt.Sprintf("%v", v)
-				default:
-					if t, ok := v.(time.Time); ok {
-						data[k] = t.Format(time.RFC3339)
-					} else {
-						jbytes, _ := json.Marshal(v)
-						data[k] = string(jbytes)
-					}
-				}
-			}
-		}
-	}
-	data["request_time"] = fmt.Sprintf("%d", timestamp)
-	data["request_token"] = c.generateSignature(fmt.Sprintf("%d", timestamp))
-
-	url := c.apiHost + path
-	req := c.client.R().
-		SetHeader("Content-Type", "application/x-www-form-urlencoded").
-		SetFormData(data)
-	resp, err := req.Post(url)
-	if err != nil {
-		return resp, fmt.Errorf("baota api error: failed to send request: %w", err)
-	} else if resp.IsError() {
-		return resp, fmt.Errorf("baota api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body())
-	}
-
-	return resp, nil
-}
-
-func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error {
-	resp, err := c.sendRequest(path, params)
-	if err != nil {
-		return err
-	}
-
-	if err := json.Unmarshal(resp.Body(), &result); err != nil {
-		return fmt.Errorf("baota api error: failed to parse response: %w", err)
-	} else if errstatus := result.GetStatus(); errstatus != nil && !*errstatus {
-		if result.GetMessage() == nil {
-			return fmt.Errorf("baota api error: unknown error")
-		} else {
-			return fmt.Errorf("baota api error: message='%s'", *result.GetMessage())
-		}
-	}
-
-	return nil
-}

internal/pkg/sdk3rd/btpanel/models.go

@@ -1,75 +0,0 @@
-package btpanel
-
-type BaseResponse interface {
-	GetStatus() *bool
-	GetMessage() *string
-}
-
-type baseResponse struct {
-	Status  *bool   `json:"status,omitempty"`
-	Message *string `json:"msg,omitempty"`
-}
-
-func (r *baseResponse) GetStatus() *bool {
-	return r.Status
-}
-
-func (r *baseResponse) GetMessage() *string {
-	return r.Message
-}
-
-type ConfigSavePanelSSLRequest struct {
-	PrivateKey  string `json:"privateKey"`
-	Certificate string `json:"certPem"`
-}
-
-type ConfigSavePanelSSLResponse struct {
-	baseResponse
-}
-
-type SiteSetSSLRequest struct {
-	Type        string `json:"type"`
-	SiteName    string `json:"siteName"`
-	PrivateKey  string `json:"key"`
-	Certificate string `json:"csr"`
-}
-
-type SiteSetSSLResponse struct {
-	baseResponse
-}
-
-type SystemServiceAdminRequest struct {
-	Name string `json:"name"`
-	Type string `json:"type"`
-}
-
-type SystemServiceAdminResponse struct {
-	baseResponse
-}
-
-type SSLCertSaveCertRequest struct {
-	PrivateKey  string `json:"key"`
-	Certificate string `json:"csr"`
-}
-
-type SSLCertSaveCertResponse struct {
-	baseResponse
-	SSLHash string `json:"ssl_hash"`
-}
-
-type SSLSetBatchCertToSiteRequest struct {
-	BatchInfo []*SSLSetBatchCertToSiteRequestBatchInfo `json:"BatchInfo"`
-}
-
-type SSLSetBatchCertToSiteRequestBatchInfo struct {
-	SSLHash  string `json:"ssl_hash"`
-	SiteName string `json:"siteName"`
-	CertName string `json:"certName"`
-}
-
-type SSLSetBatchCertToSiteResponse struct {
-	baseResponse
-	TotalCount   int32 `json:"total"`
-	SuccessCount int32 `json:"success"`
-	FailedCount  int32 `json:"faild"`
-}

internal/pkg/sdk3rd/bunny/api.go

@@ -1,16 +0,0 @@
-package bunny
-
-import (
-	"fmt"
-	"net/http"
-	"net/url"
-)
-
-func (c *Client) AddCustomCertificate(req *AddCustomCertificateRequest) ([]byte, error) {
-	if req.PullZoneId == "" {
-		return nil, fmt.Errorf("bunny api error: invalid parameter: PullZoneId")
-	}
-
-	resp, err := c.sendRequest(http.MethodPost, fmt.Sprintf("/pullzone/%s/addCertificate", url.PathEscape(req.PullZoneId)), req)
-	return resp.Body(), err
-}

internal/pkg/sdk3rd/bunny/client.go

@@ -1,66 +0,0 @@
-package bunny
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-)
-
-type Client struct {
-	apiToken string
-
-	client *resty.Client
-}
-
-func NewClient(apiToken string) *Client {
-	client := resty.New()
-
-	return &Client{
-		apiToken: apiToken,
-		client:   client,
-	}
-}
-
-func (c *Client) WithTimeout(timeout time.Duration) *Client {
-	c.client.SetTimeout(timeout)
-	return c
-}
-
-func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) {
-	req := c.client.R()
-	req.Method = method
-	req.URL = "https://api.bunny.net" + path
-	req = req.SetHeader("AccessKey", c.apiToken)
-	if strings.EqualFold(method, http.MethodGet) {
-		qs := make(map[string]string)
-		if params != nil {
-			temp := make(map[string]any)
-			jsonb, _ := json.Marshal(params)
-			json.Unmarshal(jsonb, &temp)
-			for k, v := range temp {
-				if v != nil {
-					qs[k] = fmt.Sprintf("%v", v)
-				}
-			}
-		}
-
-		req = req.SetQueryParams(qs)
-	} else {
-		req = req.
-			SetHeader("Content-Type", "application/json").
-			SetBody(params)
-	}
-
-	resp, err := req.Send()
-	if err != nil {
-		return resp, fmt.Errorf("bunny api error: failed to send request: %w", err)
-	} else if resp.IsError() {
-		return resp, fmt.Errorf("bunny api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body())
-	}
-
-	return resp, nil
-}

internal/pkg/sdk3rd/bunny/models.go

@@ -1,8 +0,0 @@
-package bunny
-
-type AddCustomCertificateRequest struct {
-	Hostname       string `json:"Hostname"`
-	PullZoneId     string `json:"-"`
-	Certificate    string `json:"Certificate"`
-	CertificateKey string `json:"CertificateKey"`
-}

internal/pkg/sdk3rd/cachefly/api.go

@@ -1,11 +0,0 @@
-package cachefly
-
-import (
-	"net/http"
-)
-
-func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) {
-	resp := &CreateCertificateResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, "/certificates", req, resp)
-	return resp, err
-}

internal/pkg/sdk3rd/cachefly/client.go

@@ -1,82 +0,0 @@
-package cachefly
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-)
-
-type Client struct {
-	apiToken string
-
-	client *resty.Client
-}
-
-func NewClient(apiToken string) *Client {
-	client := resty.New()
-
-	return &Client{
-		apiToken: apiToken,
-		client:   client,
-	}
-}
-
-func (c *Client) WithTimeout(timeout time.Duration) *Client {
-	c.client.SetTimeout(timeout)
-	return c
-}
-
-func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) {
-	req := c.client.R()
-	req.Method = method
-	req.URL = "https://api.cachefly.com/api/2.5" + path
-	req = req.SetHeader("x-cf-authorization", "Bearer "+c.apiToken)
-	if strings.EqualFold(method, http.MethodGet) {
-		qs := make(map[string]string)
-		if params != nil {
-			temp := make(map[string]any)
-			jsonb, _ := json.Marshal(params)
-			json.Unmarshal(jsonb, &temp)
-			for k, v := range temp {
-				if v != nil {
-					qs[k] = fmt.Sprintf("%v", v)
-				}
-			}
-		}
-
-		req = req.SetQueryParams(qs)
-	} else {
-		req = req.
-			SetHeader("Content-Type", "application/json").
-			SetBody(params)
-	}
-
-	resp, err := req.Send()
-	if err != nil {
-		return resp, fmt.Errorf("cachefly api error: failed to send request: %w", err)
-	} else if resp.IsError() {
-		return resp, fmt.Errorf("cachefly api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body())
-	}
-
-	return resp, nil
-}
-
-func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
-	resp, err := c.sendRequest(method, path, params)
-	if err != nil {
-		if resp != nil {
-			json.Unmarshal(resp.Body(), &result)
-		}
-		return err
-	}
-
-	if err := json.Unmarshal(resp.Body(), &result); err != nil {
-		return fmt.Errorf("cachefly api error: failed to parse response: %w", err)
-	}
-
-	return nil
-}

internal/pkg/sdk3rd/cachefly/models.go

@@ -1,38 +0,0 @@
-package cachefly
-
-type BaseResponse interface {
-	GetMessage() string
-}
-
-type baseResponse struct {
-	Message *string `json:"message,omitempty"`
-}
-
-func (r *baseResponse) GetMessage() string {
-	if r.Message != nil {
-		return *r.Message
-	}
-	return ""
-}
-
-type CreateCertificateRequest struct {
-	Certificate    string  `json:"certificate"`
-	CertificateKey string  `json:"certificateKey"`
-	Password       *string `json:"password"`
-}
-
-type CreateCertificateResponse struct {
-	baseResponse
-	Id                string   `json:"_id"`
-	SubjectCommonName string   `json:"subjectCommonName"`
-	SubjectNames      []string `json:"subjectNames"`
-	Expired           bool     `json:"expired"`
-	Expiring          bool     `json:"expiring"`
-	InUse             bool     `json:"inUse"`
-	Managed           bool     `json:"managed"`
-	Services          []string `json:"services"`
-	Domains           []string `json:"domains"`
-	NotBefore         string   `json:"notBefore"`
-	NotAfter          string   `json:"notAfter"`
-	CreatedAt         string   `json:"createdAt"`
-}

internal/pkg/sdk3rd/cdnfly/api.go

@@ -1,43 +0,0 @@
-package cdnfly
-
-import (
-	"fmt"
-	"net/http"
-	"net/url"
-)
-
-func (c *Client) GetSite(req *GetSiteRequest) (*GetSiteResponse, error) {
-	if req.Id == "" {
-		return nil, fmt.Errorf("cdnfly api error: invalid parameter: Id")
-	}
-
-	resp := &GetSiteResponse{}
-	err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/v1/sites/%s", url.PathEscape(req.Id)), req, resp)
-	return resp, err
-}
-
-func (c *Client) UpdateSite(req *UpdateSiteRequest) (*UpdateSiteResponse, error) {
-	if req.Id == "" {
-		return nil, fmt.Errorf("cdnfly api error: invalid parameter: Id")
-	}
-
-	resp := &UpdateSiteResponse{}
-	err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/v1/sites/%s", url.PathEscape(req.Id)), req, resp)
-	return resp, err
-}
-
-func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) {
-	resp := &CreateCertificateResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, "/v1/certs", req, resp)
-	return resp, err
-}
-
-func (c *Client) UpdateCertificate(req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) {
-	if req.Id == "" {
-		return nil, fmt.Errorf("cdnfly api error: invalid parameter: Id")
-	}
-
-	resp := &UpdateCertificateResponse{}
-	err := c.sendRequestWithResult(http.MethodPut, fmt.Sprintf("/v1/certs/%s", url.PathEscape(req.Id)), req, resp)
-	return resp, err
-}

internal/pkg/sdk3rd/cdnfly/client.go

@@ -1,96 +0,0 @@
-package cdnfly
-
-import (
-	"crypto/tls"
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-)
-
-type Client struct {
-	apiHost   string
-	apiKey    string
-	apiSecret string
-
-	client *resty.Client
-}
-
-func NewClient(apiHost, apiKey, apiSecret string) *Client {
-	client := resty.New()
-
-	return &Client{
-		apiHost:   strings.TrimRight(apiHost, "/"),
-		apiKey:    apiKey,
-		apiSecret: apiSecret,
-		client:    client,
-	}
-}
-
-func (c *Client) WithTimeout(timeout time.Duration) *Client {
-	c.client.SetTimeout(timeout)
-	return c
-}
-
-func (c *Client) WithTLSConfig(config *tls.Config) *Client {
-	c.client.SetTLSClientConfig(config)
-	return c
-}
-
-func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) {
-	req := c.client.R()
-	req.Method = method
-	req.URL = c.apiHost + path
-	req = req.
-		SetHeader("api-key", c.apiKey).
-		SetHeader("api-secret", c.apiSecret)
-	if strings.EqualFold(method, http.MethodGet) {
-		qs := make(map[string]string)
-		if params != nil {
-			temp := make(map[string]any)
-			jsonb, _ := json.Marshal(params)
-			json.Unmarshal(jsonb, &temp)
-			for k, v := range temp {
-				if v != nil {
-					qs[k] = fmt.Sprintf("%v", v)
-				}
-			}
-		}
-
-		req = req.SetQueryParams(qs)
-	} else {
-		req = req.
-			SetHeader("Content-Type", "application/json").
-			SetBody(params)
-	}
-
-	resp, err := req.Send()
-	if err != nil {
-		return resp, fmt.Errorf("cdnfly api error: failed to send request: %w", err)
-	} else if resp.IsError() {
-		return resp, fmt.Errorf("cdnfly api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body())
-	}
-
-	return resp, nil
-}
-
-func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
-	resp, err := c.sendRequest(method, path, params)
-	if err != nil {
-		if resp != nil {
-			json.Unmarshal(resp.Body(), &result)
-		}
-		return err
-	}
-
-	if err := json.Unmarshal(resp.Body(), &result); err != nil {
-		return fmt.Errorf("cdnfly api error: failed to parse response: %w", err)
-	} else if errcode := result.GetCode(); errcode != "" && errcode != "0" {
-		return fmt.Errorf("cdnfly api error: code='%s', message='%s'", errcode, result.GetMessage())
-	}
-
-	return nil
-}

internal/pkg/sdk3rd/cdnfly/models.go

@@ -1,84 +0,0 @@
-package cdnfly
-
-import "fmt"
-
-type BaseResponse interface {
-	GetCode() string
-	GetMessage() string
-}
-
-type baseResponse struct {
-	Code    any    `json:"code"`
-	Message string `json:"msg"`
-}
-
-func (r *baseResponse) GetCode() string {
-	if r.Code == nil {
-		return ""
-	}
-
-	if code, ok := r.Code.(int); ok {
-		return fmt.Sprintf("%d", code)
-	}
-
-	if code, ok := r.Code.(string); ok {
-		return code
-	}
-
-	return ""
-}
-
-func (r *baseResponse) GetMessage() string {
-	return r.Message
-}
-
-type GetSiteRequest struct {
-	Id string `json:"-"`
-}
-
-type GetSiteResponse struct {
-	baseResponse
-	Data *struct {
-		Id          int64  `json:"id"`
-		Name        string `json:"name"`
-		Domain      string `json:"domain"`
-		HttpsListen string `json:"https_listen"`
-	} `json:"data,omitempty"`
-}
-
-type UpdateSiteRequest struct {
-	Id          string  `json:"-"`
-	HttpsListen *string `json:"https_listen,omitempty"`
-	Enable      *bool   `json:"enable,omitempty"`
-}
-
-type UpdateSiteResponse struct {
-	baseResponse
-}
-
-type CreateCertificateRequest struct {
-	Name        string  `json:"name"`
-	Description *string `json:"des,omitempty"`
-	Type        string  `json:"type"`
-	Cert        string  `json:"cert"`
-	Key         string  `json:"key"`
-}
-
-type CreateCertificateResponse struct {
-	baseResponse
-	Data string `json:"data"`
-}
-
-type UpdateCertificateRequest struct {
-	Id          string  `json:"-"`
-	Name        *string `json:"name,omitempty"`
-	Description *string `json:"des,omitempty"`
-	Type        *string `json:"type,omitempty"`
-	Cert        *string `json:"cert,omitempty"`
-	Key         *string `json:"key,omitempty"`
-	Enable      *bool   `json:"enable,omitempty"`
-}
-
-type UpdateCertificateResponse struct {
-	baseResponse
-}

internal/pkg/sdk3rd/dnsla/api.go

@@ -1,41 +0,0 @@
-package dnsla
-
-import (
-	"fmt"
-	"net/http"
-	"net/url"
-)
-
-func (c *Client) ListDomains(req *ListDomainsRequest) (*ListDomainsResponse, error) {
-	resp := &ListDomainsResponse{}
-	err := c.sendRequestWithResult(http.MethodGet, "/domainList", req, resp)
-	return resp, err
-}
-
-func (c *Client) ListRecords(req *ListRecordsRequest) (*ListRecordsResponse, error) {
-	resp := &ListRecordsResponse{}
-	err := c.sendRequestWithResult(http.MethodGet, "/recordList", req, resp)
-	return resp, err
-}
-
-func (c *Client) CreateRecord(req *CreateRecordRequest) (*CreateRecordResponse, error) {
-	resp := &CreateRecordResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, "/record", req, resp)
-	return resp, err
-}
-
-func (c *Client) UpdateRecord(req *UpdateRecordRequest) (*UpdateRecordResponse, error) {
-	resp := &UpdateRecordResponse{}
-	err := c.sendRequestWithResult(http.MethodPut, "/record", req, resp)
-	return resp, err
-}
-
-func (c *Client) DeleteRecord(req *DeleteRecordRequest) (*DeleteRecordResponse, error) {
-	if req.Id == "" {
-		return nil, fmt.Errorf("dnsla api error: invalid parameter: Id")
-	}
-
-	resp := &DeleteRecordResponse{}
-	err := c.sendRequestWithResult(http.MethodDelete, fmt.Sprintf("/record?id=%s", url.QueryEscape(req.Id)), req, resp)
-	return resp, err
-}

internal/pkg/sdk3rd/dnsla/client.go

@@ -1,85 +0,0 @@
-package dnsla
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-)
-
-type Client struct {
-	apiId     string
-	apiSecret string
-
-	client *resty.Client
-}
-
-func NewClient(apiId, apiSecret string) *Client {
-	client := resty.New()
-
-	return &Client{
-		apiId:     apiId,
-		apiSecret: apiSecret,
-		client:    client,
-	}
-}
-
-func (c *Client) WithTimeout(timeout time.Duration) *Client {
-	c.client.SetTimeout(timeout)
-	return c
-}
-
-func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) {
-	req := c.client.R().SetBasicAuth(c.apiId, c.apiSecret)
-	req.Method = method
-	req.URL = "https://api.dns.la/api" + path
-	if strings.EqualFold(method, http.MethodGet) {
-		qs := make(map[string]string)
-		if params != nil {
-			temp := make(map[string]any)
-			jsonb, _ := json.Marshal(params)
-			json.Unmarshal(jsonb, &temp)
-			for k, v := range temp {
-				if v != nil {
-					qs[k] = fmt.Sprintf("%v", v)
-				}
-			}
-		}
-
-		req = req.SetQueryParams(qs)
-	} else {
-		req = req.
-			SetHeader("Content-Type", "application/json").
-			SetBody(params)
-	}
-
-	resp, err := req.Send()
-	if err != nil {
-		return resp, fmt.Errorf("dnsla api error: failed to send request: %w", err)
-	} else if resp.IsError() {
-		return resp, fmt.Errorf("dnsla api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body())
-	}
-
-	return resp, nil
-}
-
-func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
-	resp, err := c.sendRequest(method, path, params)
-	if err != nil {
-		if resp != nil {
-			json.Unmarshal(resp.Body(), &result)
-		}
-		return err
-	}
-
-	if err := json.Unmarshal(resp.Body(), &result); err != nil {
-		return fmt.Errorf("dnsla api error: failed to parse response: %w", err)
-	} else if errcode := result.GetCode(); errcode/100 != 2 {
-		return fmt.Errorf("dnsla api error: code='%d', message='%s'", errcode, result.GetMessage())
-	}
-
-	return nil
-}

internal/pkg/sdk3rd/dnsla/models.go

@@ -1,131 +0,0 @@
-package dnsla
-
-type BaseResponse interface {
-	GetCode() int32
-	GetMessage() string
-}
-
-type baseResponse struct {
-	Code    *int32  `json:"code,omitempty"`
-	Message *string `json:"message,omitempty"`
-}
-
-func (r *baseResponse) GetCode() int32 {
-	if r.Code != nil {
-		return *r.Code
-	}
-	return 0
-}
-
-func (r *baseResponse) GetMessage() string {
-	if r.Message != nil {
-		return *r.Message
-	}
-	return ""
-}
-
-type DomainInfo struct {
-	Id            string `json:"id"`
-	GroupId       string `json:"groupId"`
-	GroupName     string `json:"groupName"`
-	Domain        string `json:"domain"`
-	DisplayDomain string `json:"displayDomain"`
-	CreatedAt     int64  `json:"createdAt"`
-	UpdatedAt     int64  `json:"updatedAt"`
-}
-
-type RecordInfo struct {
-	Id          string `json:"id"`
-	DomainId    string `json:"domainId"`
-	GroupId     string `json:"groupId"`
-	GroupName   string `json:"groupName"`
-	LineId      string `json:"lineId"`
-	LineCode    string `json:"lineCode"`
-	LineName    string `json:"lineName"`
-	Type        int32  `json:"type"`
-	Host        string `json:"host"`
-	DisplayHost string `json:"displayHost"`
-	Data        string `json:"data"`
-	DisplayData string `json:"displayData"`
-	Ttl         int32  `json:"ttl"`
-	Weight      int32  `json:"weight"`
-	Preference  int32  `json:"preference"`
-	CreatedAt   int64  `json:"createdAt"`
-	UpdatedAt   int64  `json:"updatedAt"`
-}
-
-type ListDomainsRequest struct {
-	PageIndex int32   `json:"pageIndex"`
-	PageSize  int32   `json:"pageSize"`
-	GroupId   *string `json:"groupId,omitempty"`
-}
-
-type ListDomainsResponse struct {
-	baseResponse
-	Data *struct {
-		Total   int32         `json:"total"`
-		Results []*DomainInfo `json:"results"`
-	} `json:"data,omitempty"`
-}
-
-type ListRecordsRequest struct {
-	PageIndex int32   `json:"pageIndex"`
-	PageSize  int32   `json:"pageSize"`
-	DomainId  string  `json:"domainId"`
-	GroupId   *string `json:"groupId,omitempty"`
-	LineId    *string `json:"lineId,omitempty"`
-	Type      *int32  `json:"type,omitempty"`
-	Host      *string `json:"host,omitempty"`
-	Data      *string `json:"data,omitempty"`
-}
-
-type ListRecordsResponse struct {
-	baseResponse
-	Data *struct {
-		Total   int32         `json:"total"`
-		Results []*RecordInfo `json:"results"`
-	} `json:"data,omitempty"`
-}
-
-type CreateRecordRequest struct {
-	DomainId   string  `json:"domainId"`
-	GroupId    *string `json:"groupId,omitempty"`
-	LineId     *string `json:"lineId,omitempty"`
-	Type       int32   `json:"type"`
-	Host       string  `json:"host"`
-	Data       string  `json:"data"`
-	Ttl        int32   `json:"ttl"`
-	Weight     *int32  `json:"weight,omitempty"`
-	Preference *int32  `json:"preference,omitempty"`
-}
-
-type CreateRecordResponse struct {
-	baseResponse
-	Data *struct {
-		Id string `json:"id"`
-	} `json:"data,omitempty"`
-}
-
-type UpdateRecordRequest struct {
-	Id         string  `json:"id"`
-	GroupId    *string `json:"groupId,omitempty"`
-	LineId     *string `json:"lineId,omitempty"`
-	Type       *int32  `json:"type,omitempty"`
-	Host       *string `json:"host,omitempty"`
-	Data       *string `json:"data,omitempty"`
-	Ttl        *int32  `json:"ttl,omitempty"`
-	Weight     *int32  `json:"weight,omitempty"`
-	Preference *int32  `json:"preference,omitempty"`
-}
-
-type UpdateRecordResponse struct {
-	baseResponse
-}
-
-type DeleteRecordRequest struct {
-	Id string `json:"-"`
-}
-
-type DeleteRecordResponse struct {
-	baseResponse
-}

internal/pkg/sdk3rd/dogecloud/client.go

@@ -1,183 +0,0 @@
-package dogecloud
-
-import (
-	"crypto/hmac"
-	"crypto/sha1"
-	"encoding/hex"
-	"encoding/json"
-	"fmt"
-	"io"
-	"net/http"
-	"net/url"
-	"strings"
-)
-
-const dogeHost = "https://api.dogecloud.com"
-
-type Client struct {
-	accessKey string
-	secretKey string
-}
-
-func NewClient(accessKey, secretKey string) *Client {
-	return &Client{accessKey: accessKey, secretKey: secretKey}
-}
-
-func (c *Client) UploadCdnCert(note, cert, private string) (*UploadCdnCertResponse, error) {
-	req := &UploadCdnCertRequest{
-		Note:        note,
-		Certificate: cert,
-		PrivateKey:  private,
-	}
-
-	reqBts, err := json.Marshal(req)
-	if err != nil {
-		return nil, err
-	}
-
-	reqMap := make(map[string]interface{})
-	err = json.Unmarshal(reqBts, &reqMap)
-	if err != nil {
-		return nil, err
-	}
-
-	respBts, err := c.sendReq(http.MethodPost, "cdn/cert/upload.json", reqMap, true)
-	if err != nil {
-		return nil, err
-	}
-
-	resp := &UploadCdnCertResponse{}
-	err = json.Unmarshal(respBts, resp)
-	if err != nil {
-		return nil, err
-	}
-	if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
-		return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message)
-	}
-
-	return resp, nil
-}
-
-func (c *Client) BindCdnCertWithDomain(certId int64, domain string) (*BindCdnCertResponse, error) {
-	req := &BindCdnCertRequest{
-		CertId: certId,
-		Domain: &domain,
-	}
-
-	reqBts, err := json.Marshal(req)
-	if err != nil {
-		return nil, err
-	}
-
-	reqMap := make(map[string]interface{})
-	err = json.Unmarshal(reqBts, &reqMap)
-	if err != nil {
-		return nil, err
-	}
-
-	respBts, err := c.sendReq(http.MethodPost, "cdn/cert/bind.json", reqMap, true)
-	if err != nil {
-		return nil, err
-	}
-
-	resp := &BindCdnCertResponse{}
-	err = json.Unmarshal(respBts, resp)
-	if err != nil {
-		return nil, err
-	}
-	if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
-		return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message)
-	}
-
-	return resp, nil
-}
-
-func (c *Client) BindCdnCertWithDomainId(certId int64, domainId int64) (*BindCdnCertResponse, error) {
-	req := &BindCdnCertRequest{
-		CertId:   certId,
-		DomainId: &domainId,
-	}
-
-	reqBts, err := json.Marshal(req)
-	if err != nil {
-		return nil, err
-	}
-
-	reqMap := make(map[string]interface{})
-	err = json.Unmarshal(reqBts, &reqMap)
-	if err != nil {
-		return nil, err
-	}
-
-	respBts, err := c.sendReq(http.MethodPost, "cdn/cert/bind.json", reqMap, true)
-	if err != nil {
-		return nil, err
-	}
-
-	resp := &BindCdnCertResponse{}
-	err = json.Unmarshal(respBts, resp)
-	if err != nil {
-		return nil, err
-	}
-	if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
-		return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message)
-	}
-
-	return resp, nil
-}
-
-// 调用多吉云的 API。
-// https://docs.dogecloud.com/cdn/api-access-token?id=go
-//
-// 入参：
-//   - method：GET 或 POST
-//   - path：是调用的 API 接口地址，包含 URL 请求参数 QueryString，例如：/console/vfetch/add.json?url=xxx&a=1&b=2
-//   - data：POST 的数据，对象，例如 {a: 1, b: 2}，传递此参数表示不是 GET 请求而是 POST 请求
-//   - jsonMode：数据 data 是否以 JSON 格式请求，默认为 false 则使用表单形式（a=1&b=2）
-func (c *Client) sendReq(method string, path string, data map[string]interface{}, jsonMode bool) ([]byte, error) {
-	body := ""
-	mime := ""
-	if jsonMode {
-		_body, err := json.Marshal(data)
-		if err != nil {
-			return nil, err
-		}
-		body = string(_body)
-		mime = "application/json"
-	} else {
-		values := url.Values{}
-		for k, v := range data {
-			values.Set(k, v.(string))
-		}
-		body = values.Encode()
-		mime = "application/x-www-form-urlencoded"
-	}
-
-	path = strings.TrimPrefix(path, "/")
-	signStr := "/" + path + "\n" + body
-	hmacObj := hmac.New(sha1.New, []byte(c.secretKey))
-	hmacObj.Write([]byte(signStr))
-	sign := hex.EncodeToString(hmacObj.Sum(nil))
-	auth := fmt.Sprintf("TOKEN %s:%s", c.accessKey, sign)
-
-	req, err := http.NewRequest(method, fmt.Sprintf("%s/%s", dogeHost, path), strings.NewReader(body))
-	if err != nil {
-		return nil, err
-	}
-	req.Header.Add("Content-Type", mime)
-	req.Header.Add("Authorization", auth)
-
-	client := http.Client{}
-	resp, err := client.Do(req)
-	if err != nil {
-		return nil, err
-	}
-	defer resp.Body.Close()
-
-	r, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return nil, err
-	}
-
-	return r, nil
-}

internal/pkg/sdk3rd/dogecloud/models.go

@@ -1,31 +0,0 @@
-package dogecloud
-
-type BaseResponse struct {
-	Code    *int    `json:"code,omitempty"`
-	Message *string `json:"msg,omitempty"`
-}
-
-type UploadCdnCertRequest struct {
-	Note        string `json:"note"`
-	Certificate string `json:"cert"`
-	PrivateKey  string `json:"private"`
-}
-
-type UploadCdnCertResponseData struct {
-	Id int64 `json:"id"`
-}
-
-type UploadCdnCertResponse struct {
-	BaseResponse
-	Data *UploadCdnCertResponseData `json:"data,omitempty"`
-}
-
-type BindCdnCertRequest struct {
-	CertId   int64   `json:"id"`
-	DomainId *int64  `json:"did,omitempty"`
-	Domain   *string `json:"domain,omitempty"`
-}
-
-type BindCdnCertResponse struct {
-	BaseResponse
-}

internal/pkg/sdk3rd/gname/api.go

@@ -1,25 +0,0 @@
-package gname
-
-func (c *Client) AddDomainResolution(req *AddDomainResolutionRequest) (*AddDomainResolutionResponse, error) {
-	resp := &AddDomainResolutionResponse{}
-	err := c.sendRequestWithResult("/api/resolution/add", req, resp)
-	return resp, err
-}
-
-func (c *Client) ModifyDomainResolution(req *ModifyDomainResolutionRequest) (*ModifyDomainResolutionResponse, error) {
-	resp := &ModifyDomainResolutionResponse{}
-	err := c.sendRequestWithResult("/api/resolution/edit", req, resp)
-	return resp, err
-}
-
-func (c *Client) DeleteDomainResolution(req *DeleteDomainResolutionRequest) (*DeleteDomainResolutionResponse, error) {
-	resp := &DeleteDomainResolutionResponse{}
-	err := c.sendRequestWithResult("/api/resolution/delete", req, resp)
-	return resp, err
-}
-
-func (c *Client) ListDomainResolution(req *ListDomainResolutionRequest) (*ListDomainResolutionResponse, error) {
-	resp := &ListDomainResolutionResponse{}
-	err := c.sendRequestWithResult("/api/resolution/list", req, resp)
-	return resp, err
-}

internal/pkg/sdk3rd/gname/client.go

@@ -1,104 +0,0 @@
-package gname
-
-import (
-	"crypto/md5"
-	"encoding/json"
-	"fmt"
-	"net/url"
-	"sort"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-)
-
-type Client struct {
-	appId  string
-	appKey string
-
-	client *resty.Client
-}
-
-func NewClient(appId, appKey string) *Client {
-	client := resty.New()
-
-	return &Client{
-		appId:  appId,
-		appKey: appKey,
-		client: client,
-	}
-}
-
-func (c *Client) WithTimeout(timeout time.Duration) *Client {
-	c.client.SetTimeout(timeout)
-	return c
-}
-
-func (c *Client) generateSignature(params map[string]string) string {
-	// Step 1: Sort parameters by ASCII order
-	var keys []string
-	for k := range params {
-		keys = append(keys, k)
-	}
-	sort.Strings(keys)
-
-	// Step 2: Create string A with URL-encoded values
-	var pairs []string
-	for _, k := range keys {
-		encodedValue := url.QueryEscape(params[k])
-		pairs = append(pairs, fmt.Sprintf("%s=%s", k, encodedValue))
-	}
-	stringA := strings.Join(pairs, "&")
-
-	// Step 3: Append appkey to create string B
-	stringB := stringA + c.appKey
-
-	// Step 4: Calculate MD5 and convert to uppercase
-	hash := md5.Sum([]byte(stringB))
-	return strings.ToUpper(fmt.Sprintf("%x", hash))
-}
-
-func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) {
-	data := make(map[string]string)
-	if params != nil {
-		temp := make(map[string]any)
-		jsonb, _ := json.Marshal(params)
-		json.Unmarshal(jsonb, &temp)
-		for k, v := range temp {
-			if v != nil {
-				data[k] = fmt.Sprintf("%v", v)
-			}
-		}
-	}
-	data["appid"] = c.appId
-	data["gntime"] = fmt.Sprintf("%d", time.Now().Unix())
-	data["gntoken"] = c.generateSignature(data)
-
-	url := "http://api.gname.com" + path
-	req := c.client.R().
-		SetHeader("Content-Type", "application/x-www-form-urlencoded").
-		SetFormData(data)
-	resp, err := req.Post(url)
-	if err != nil {
-		return resp, fmt.Errorf("gname api error: failed to send request: %w", err)
-	} else if resp.IsError() {
-		return resp, fmt.Errorf("gname api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body())
-	}
-
-	return resp, nil
-}
-
-func (c *Client) sendRequestWithResult(path string, params interface{}, result BaseResponse) error {
-	resp, err := c.sendRequest(path, params)
-	if err != nil {
-		return err
-	}
-
-	if err := json.Unmarshal(resp.Body(), &result); err != nil {
-		return fmt.Errorf("gname api error: failed to parse response: %w", err)
-	} else if errcode := result.GetCode(); errcode != 1 {
-		return fmt.Errorf("gname api error: code='%d', message='%s'", errcode, result.GetMessage())
-	}
-
-	return nil
-}

internal/pkg/sdk3rd/gname/models.go

@@ -1,81 +0,0 @@
-package gname
-
-import "encoding/json"
-
-type BaseResponse interface {
-	GetCode() int32
-	GetMessage() string
-}
-
-type baseResponse struct {
-	Code    int32  `json:"code"`
-	Message string `json:"msg"`
-}
-
-func (r *baseResponse) GetCode() int32 {
-	return r.Code
-}
-
-func (r *baseResponse) GetMessage() string {
-	return r.Message
-}
-
-type AddDomainResolutionRequest struct {
-	ZoneName    string `json:"ym"`
-	RecordType  string `json:"lx"`
-	RecordName  string `json:"zj"`
-	RecordValue string `json:"jlz"`
-	MX          int32  `json:"mx"`
-	TTL         int32  `json:"ttl"`
-}
-
-type AddDomainResolutionResponse struct {
-	baseResponse
-	Data json.Number `json:"data"`
-}
-
-type ModifyDomainResolutionRequest struct {
-	ID          int64  `json:"jxid"`
-	ZoneName    string `json:"ym"`
-	RecordType  string `json:"lx"`
-	RecordName  string `json:"zj"`
-	RecordValue string `json:"jlz"`
-	MX          int32  `json:"mx"`
-	TTL         int32  `json:"ttl"`
-}
-
-type ModifyDomainResolutionResponse struct {
-	baseResponse
-}
-
-type DeleteDomainResolutionRequest struct {
-	ZoneName string `json:"ym"`
-	RecordID int64  `json:"jxid"`
-}
-
-type DeleteDomainResolutionResponse struct {
-	baseResponse
-}
-
-type ListDomainResolutionRequest struct {
-	ZoneName string `json:"ym"`
-	Page     *int32 `json:"page,omitempty"`
-	PageSize *int32 `json:"limit,omitempty"`
-}
-
-type ListDomainResolutionResponse struct {
-	baseResponse
-	Count    int32               `json:"count"`
-	Data     []*ResolutionRecord `json:"data"`
-	Page     int32               `json:"page"`
-	PageSize int32               `json:"pagesize"`
-}
-
-type ResolutionRecord struct {
-	ID          json.Number `json:"id"`
-	ZoneName    string      `json:"ym"`
-	RecordType  string      `json:"lx"`
-	RecordName  string      `json:"zjt"`
-	RecordValue string      `json:"jxz"`
-	MX          int32       `json:"mx"`
-}

internal/pkg/sdk3rd/goedge/api.go

@@ -1,46 +0,0 @@
-package goedge
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"time"
-)
-
-func (c *Client) getAccessToken() error {
-	req := &getAPIAccessTokenRequest{
-		Type:        c.apiRole,
-		AccessKeyId: c.accessKeyId,
-		AccessKey:   c.accessKey,
-	}
-	res, err := c.sendRequest(http.MethodPost, "/APIAccessTokenService/getAPIAccessToken", req)
-	if err != nil {
-		return err
-	}
-
-	resp := &getAPIAccessTokenResponse{}
-	if err := json.Unmarshal(res.Body(), &resp); err != nil {
-		return fmt.Errorf("goedge api error: failed to parse response: %w", err)
-	} else if resp.GetCode() != 200 {
-		return fmt.Errorf("goedge get access token failed: code: %d, message: %s", resp.GetCode(), resp.GetMessage())
-	}
-
-	c.accessTokenMtx.Lock()
-	c.accessToken = resp.Data.Token
-	c.accessTokenExp = time.Unix(resp.Data.ExpiresAt, 0)
-	c.accessTokenMtx.Unlock()
-
-	return nil
-}
-
-func (c *Client) UpdateSSLCert(req *UpdateSSLCertRequest) (*UpdateSSLCertResponse, error) {
-	if c.accessToken == "" || c.accessTokenExp.Before(time.Now()) {
-		if err := c.getAccessToken(); err != nil {
-			return nil, err
-		}
-	}
-
-	resp := &UpdateSSLCertResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, "/SSLCertService/updateSSLCert", req, resp)
-	return resp, err
-}

internal/pkg/sdk3rd/goedge/client.go

@@ -1,103 +0,0 @@
-package goedge
-
-import (
-	"crypto/tls"
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-)
-
-type Client struct {
-	apiHost     string
-	apiRole     string
-	accessKeyId string
-	accessKey   string
-
-	accessToken    string
-	accessTokenExp time.Time
-	accessTokenMtx sync.Mutex
-
-	client *resty.Client
-}
-
-func NewClient(apiHost, apiRole, accessKeyId, accessKey string) *Client {
-	client := resty.New()
-
-	return &Client{
-		apiHost:     strings.TrimRight(apiHost, "/"),
-		apiRole:     apiRole,
-		accessKeyId: accessKeyId,
-		accessKey:   accessKey,
-		client:      client,
-	}
-}
-
-func (c *Client) WithTimeout(timeout time.Duration) *Client {
-	c.client.SetTimeout(timeout)
-	return c
-}
-
-func (c *Client) WithTLSConfig(config *tls.Config) *Client {
-	c.client.SetTLSClientConfig(config)
-	return c
-}
-
-func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) {
-	req := c.client.R().SetBasicAuth(c.accessKeyId, c.accessKey)
-	req.Method = method
-	req.URL = c.apiHost + path
-	if strings.EqualFold(method, http.MethodGet) {
-		qs := make(map[string]string)
-		if params != nil {
-			temp := make(map[string]any)
-			jsonb, _ := json.Marshal(params)
-			json.Unmarshal(jsonb, &temp)
-			for k, v := range temp {
-				if v != nil {
-					qs[k] = fmt.Sprintf("%v", v)
-				}
-			}
-		}
-
-		req = req.
-			SetQueryParams(qs).
-			SetHeader("X-Edge-Access-Token", c.accessToken)
-	} else {
-		req = req.
-			SetHeader("Content-Type", "application/json").
-			SetHeader("X-Edge-Access-Token", c.accessToken).
-			SetBody(params)
-	}
-
-	resp, err := req.Send()
-	if err != nil {
-		return resp, fmt.Errorf("goedge api error: failed to send request: %w", err)
-	} else if resp.IsError() {
-		return resp, fmt.Errorf("goedge api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body())
-	}
-
-	return resp, nil
-}
-
-func (c *Client) sendRequestWithResult(method string, path string, params interface{}, result BaseResponse) error {
-	resp, err := c.sendRequest(method, path, params)
-	if err != nil {
-		if resp != nil {
-			json.Unmarshal(resp.Body(), &result)
-		}
-		return err
-	}
-
-	if err := json.Unmarshal(resp.Body(), &result); err != nil {
-		return fmt.Errorf("goedge api error: failed to parse response: %w", err)
-	} else if errcode := result.GetCode(); errcode != 200 {
-		return fmt.Errorf("goedge api error: code='%d', message='%s'", errcode, result.GetMessage())
-	}
-
-	return nil
-}

internal/pkg/sdk3rd/goedge/models.go

@@ -1,52 +0,0 @@
-package goedge
-
-type BaseResponse interface {
-	GetCode() int32
-	GetMessage() string
-}
-
-type baseResponse struct {
-	Code    int32  `json:"code"`
-	Message string `json:"message"`
-}
-
-func (r *baseResponse) GetCode() int32 {
-	return r.Code
-}
-
-func (r *baseResponse) GetMessage() string {
-	return r.Message
-}
-
-type getAPIAccessTokenRequest struct {
-	Type        string `json:"type"`
-	AccessKeyId string `json:"accessKeyId"`
-	AccessKey   string `json:"accessKey"`
-}
-
-type getAPIAccessTokenResponse struct {
-	baseResponse
-	Data *struct {
-		Token     string `json:"token"`
-		ExpiresAt int64  `json:"expiresAt"`
-	} `json:"data,omitempty"`
-}
-
-type UpdateSSLCertRequest struct {
-	SSLCertId   int64    `json:"sslCertId"`
-	IsOn        bool     `json:"isOn"`
-	Name        string   `json:"name"`
-	Description string   `json:"description"`
-	ServerName  string   `json:"serverName"`
-	IsCA        bool     `json:"isCA"`
-	CertData    string   `json:"certData"`
-	KeyData     string   `json:"keyData"`
-	TimeBeginAt int64    `json:"timeBeginAt"`
-	TimeEndAt   int64    `json:"timeEndAt"`
-	DNSNames    []string `json:"dnsNames"`
-	CommonNames []string `json:"commonNames"`
-}
-
-type UpdateSSLCertResponse struct {
-	baseResponse
-}

internal/pkg/sdk3rd/netlify/api.go

@@ -1,17 +0,0 @@
-package netlify
-
-import (
-	"fmt"
-	"net/http"
-	"net/url"
-)
-
-func (c *Client) ProvisionSiteTLSCertificate(siteId string, params *ProvisionSiteTLSCertificateParams) (*ProvisionSiteTLSCertificateResponse, error) {
-	if siteId == "" {
-		return nil, fmt.Errorf("netlify api error: invalid parameter: SiteId")
-	}
-
-	resp := &ProvisionSiteTLSCertificateResponse{}
-	err := c.sendRequestWithResult(http.MethodPost, fmt.Sprintf("/sites/%s/ssl", url.PathEscape(siteId)), params, nil, resp)
-	return resp, err
-}

internal/pkg/sdk3rd/netlify/client.go

@@ -1,97 +0,0 @@
-package netlify
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-)
-
-type Client struct {
-	apiToken string
-
-	client *resty.Client
-}
-
-func NewClient(apiToken string) *Client {
-	client := resty.New()
-
-	return &Client{
-		apiToken: apiToken,
-		client:   client,
-	}
-}
-
-func (c *Client) WithTimeout(timeout time.Duration) *Client {
-	c.client.SetTimeout(timeout)
-	return c
-}
-
-func (c *Client) sendRequest(method string, path string, queryParams interface{}, payloadParams interface{}) (*resty.Response, error) {
-	req := c.client.R().SetHeader("Authorization", "Bearer "+c.apiToken)
-	req.Method = method
-	req.URL = "https://api.netlify.com/api/v1" + path
-
-	if queryParams != nil {
-		qs := make(map[string]string)
-		temp := make(map[string]any)
-		jsonb, _ := json.Marshal(queryParams)
-		json.Unmarshal(jsonb, &temp)
-		for k, v := range temp {
-			if v != nil {
-				qs[k] = fmt.Sprintf("%v", v)
-			}
-		}
-		req = req.SetQueryParams(qs)
-	}
-
-	if strings.EqualFold(method, http.MethodGet) {
-		qs := make(map[string]string)
-		if payloadParams != nil {
-			temp := make(map[string]any)
-			jsonb, _ := json.Marshal(payloadParams)
-			json.Unmarshal(jsonb, &temp)
-			for k, v := range temp {
-				if v != nil {
-					qs[k] = fmt.Sprintf("%v", v)
-				}
-			}
-		}
-
-		req = req.SetQueryParams(qs)
-	} else {
-		req = req.
-			SetHeader("Content-Type", "application/json").
-			SetBody(payloadParams)
-	}
-
-	resp, err := req.Send()
-	if err != nil {
-		return resp, fmt.Errorf("netlify api error: failed to send request: %w", err)
-	} else if resp.IsError() {
-		return resp, fmt.Errorf("netlify api error: unexpected status code: %d, resp: %s", resp.StatusCode(), resp.Body())
-	}
-
-	return resp, nil
-}
-
-func (c *Client) sendRequestWithResult(method string, path string, queryParams interface{}, payloadParams interface{}, result BaseResponse) error {
-	resp, err := c.sendRequest(method, path, queryParams, payloadParams)
-	if err != nil {
-		if resp != nil {
-			json.Unmarshal(resp.Body(), &result)
-		}
-		return err
-	}
-
-	if err := json.Unmarshal(resp.Body(), &result); err != nil {
-		return fmt.Errorf("netlify api error: failed to parse response: %w", err)
-	} else if errcode := result.GetCode(); errcode != 0 {
-		return fmt.Errorf("netlify api error: code='%d', message='%s'", errcode, result.GetMessage())
-	}
-
-	return nil
-}