feat: volc deployer
oott123 committed Dec 5, 2023
1 parent 6ae344b commit 5da0470
Showing 13 changed files with 1,235 additions and 43 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/build.yml
@@ -25,7 +25,7 @@ jobs:
name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.19
go-version: 1.21.3
-
name: Run GoReleaser
uses: goreleaser/goreleaser-action@v2
@@ -37,4 +37,4 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Your GoReleaser Pro key, if you are using the 'goreleaser-pro' distribution
# GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
# GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
2 changes: 1 addition & 1 deletion .tool-versions
@@ -1 +1 @@
golang 1.19.3
golang 1.21.3
36 changes: 33 additions & 3 deletions README.md
@@ -7,9 +7,11 @@ SSL (HTTPS) certificates automatically to CDN services.

### CDN Providers

* Aliyun
* Upyun
* Tencent Cloud
* Aliyun (CDN)
* Upyun (CDN)
* Tencent Cloud (CDN)
* UDomain (CDN)
* Volc Engine (CDN and DCDN)

Deploys to all CDN domains which matched by given certificate.

@@ -50,6 +52,34 @@ certificate are covered by given certificate.
* `CERT_DEPLOYER` - `udomain`
* `UDOMAIN_API_KEY` - API Key created from [udomain CDN dashboard](https://cdn.8338.hk/key)

### Volc Engine deployer

<details>
<summary>Required ACL policy</summary>

```json
{
"Statement": [{
"Effect": "Allow",
"Action": [
"dcdn:ListCertBind",
"dcdn:CreateCertBind",
"CDN:AddCdnCertificate",
"CDN:DescribeCertConfig",
"CDN:BatchDeployCert"
],
"Resource": ["*"]
}]
}
```

</details>

* `CERT_DEPLOYER` - `volc`
* `VOLC_ACCESS_KEY_ID` - Access Key ID.
* `VOLC_SECRET_ACCESS_KEY` - Secret Access Key.
* `VOLC_DEPLOY_TARGETS` - `cdn`, `dcdn`, `cdn,dcdn` (default)

### Azure KeyVault deployer

* `CERT_DEPLOYER` - `azure`
26 changes: 16 additions & 10 deletions go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/oott123/certdeploy

go 1.19
go 1.21

require (
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.2.0
@@ -9,11 +9,14 @@ require (
github.com/alibabacloud-go/darabonba-openapi v0.1.7
github.com/alibabacloud-go/tea v1.1.15
github.com/go-resty/resty/v2 v2.7.0
github.com/stretchr/testify v1.7.0
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.373
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.373
github.com/tidwall/gjson v1.11.0
github.com/volcengine/volc-sdk-golang v1.0.129
golang.org/x/exp v0.0.0-20221126150942-6ab00d035af9
golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4
golang.org/x/net v0.12.0
software.sslmate.com/src/go-pkcs12 v0.2.0
)

require (
@@ -26,19 +29,22 @@ require (
github.com/alibabacloud-go/openapi-util v0.0.8 // indirect
github.com/alibabacloud-go/tea-utils v1.3.9 // indirect
github.com/aliyun/credentials-go v1.1.2 // indirect
github.com/cenkalti/backoff/v4 v4.1.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/golang-jwt/jwt/v4 v4.4.2 // indirect
github.com/google/uuid v1.1.1 // indirect
github.com/json-iterator/go v1.1.10 // indirect
github.com/google/uuid v1.3.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/kylelemons/godebug v1.1.0 // indirect
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 // indirect
github.com/modern-go/reflect2 v1.0.1 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/pkg/browser v0.0.0-20210115035449-ce105d075bb4 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/tidwall/match v1.1.1 // indirect
github.com/tidwall/pretty v1.2.0 // indirect
github.com/tjfoc/gmsm v1.3.2 // indirect
golang.org/x/crypto v0.0.0-20220511200225-c6db032c6c88 // indirect
golang.org/x/sys v0.1.0 // indirect
golang.org/x/text v0.3.7 // indirect
golang.org/x/crypto v0.11.0 // indirect
golang.org/x/sys v0.10.0 // indirect
golang.org/x/text v0.11.0 // indirect
gopkg.in/ini.v1 v1.56.0 // indirect
software.sslmate.com/src/go-pkcs12 v0.2.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
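Review bot: The new direct requirement `github.com/volcengine/volc-sdk-golang v1.0.129` enlarges the module graph considerably (the page reports 787 added lines in go.sum), and nothing visible in the build workflow checks the resolved versions against known advisories. Since this tool handles certificate private keys and cloud access keys, consider adding a `govulncheck ./...` step before the GoReleaser step. The workflow is only partly visible on this page, so confirm that such a check does not already run elsewhere.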
799 changes: 787 additions & 12 deletions go.sum

Large diffs are not rendered by default.

12 changes: 6 additions & 6 deletions pkg/deployer/aliyun.go
@@ -29,7 +29,7 @@ func (d *AliyunDeployer) Deploy(domains []string, cert, key string) error {
log.Println("getting aliyun CDN domains matching given certificates")
domainsToDeploy := make(map[string]bool)
for _, domain := range domains {
normalizedDomain := normalizeDomain(domain)
normalizedDomain := normalizeWildcardDomain(domain)
matchType := "full_match"
if normalizedDomain[0] == '.' {
matchType = "suf_match"
@@ -77,7 +77,7 @@ func (d *AliyunDeployer) Deploy(domains []string, cert, key string) error {
i++
domainsChunk = append(domainsChunk, domain)
if i >= 50 {
err := d.deployCert(domainsChunk, normalizeDomain(domains[0]), cert, key)
err := d.deployCert(domainsChunk, normalizeWildcardDomain(domains[0]), cert, key)
if err != nil {
return fmt.Errorf("failed to deploy cert: %w", err)
}
@@ -86,7 +86,7 @@ func (d *AliyunDeployer) Deploy(domains []string, cert, key string) error {
}
}
if len(domainsChunk) > 0 {
err := d.deployCert(domainsChunk, normalizeDomain(domains[0]), cert, key)
err := d.deployCert(domainsChunk, normalizeWildcardDomain(domains[0]), cert, key)
if err != nil {
return fmt.Errorf("failed to deploy cert: %w", err)
}
@@ -136,11 +136,11 @@ func min(x, y int) int {
return y
}

func normalizeDomain(domain string) string {
func normalizeWildcardDomain(domain string) string {
if strings.Index(domain, "*") == 0 {
return domain[1:]
return strings.ToLower(domain[1:])
} else {
return domain
return strings.ToLower(domain)
}
}

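Review bot: `normalizeWildcardDomain` returns an empty string for an empty input or a bare `*`, and its callers index the result right away (`normalizedDomain[0] == '.'` near the top of `Deploy` here and in pkg/deployer/tencentcloud.go), so a malformed name in the domain list panics the deployer instead of producing an error. Replacing the index with `strings.HasPrefix(normalizedDomain, ".")` removes that panic. The two `deployCert` calls likewise assume `domains[0]` exists, though a guard may sit outside the visible hunks. The helper now appears to lower-case as well, which the new name does not convey, so a doc comment such as `// normalizeWildcardDomain lower-cases domain and strips a leading "*", so "*.Example.com" becomes ".example.com".` would help, and `strings.HasPrefix(domain, "*")` reads more directly than `strings.Index(domain, "*") == 0`.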
2 changes: 1 addition & 1 deletion pkg/deployer/azure.go
@@ -75,7 +75,7 @@ func (d *AzureDeployer) importCertificate(name, cert, key string) error {
Tags: nil,
}, nil)
if err != nil {
return fmt.Errorf("failed to request import certificate to %s: %w", name, err)
return fmt.Errorf("failed to volcRequest import certificate to %s: %w", name, err)
}
return nil
}
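Review bot: The error text here changes from "failed to request import certificate" to "failed to volcRequest import certificate", which looks like an identifier rename leaking into string literals rather than an intended edit, since this is the Azure Key Vault path. The same substitution appears in pkg/deployer/udomain.go ("failed to volcRequest domain", "failed to upload certificate volcRequest", "failed to update domain volcRequest") and in `checkApiResult` in pkg/deployer/upyun.go ("volcRequest failed: ..."). Operators and any log-based alerting that match on these messages would be pointed at the wrong provider when a deployment fails. Restore the original wording, e.g. `return fmt.Errorf("failed to request import certificate to %s: %w", name, err)`. `importCertificate` begins outside the hunk.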
2 changes: 2 additions & 0 deletions pkg/deployer/deployer.go
@@ -18,6 +18,8 @@ func Create(name string) (Deployer, error) {
return CreateUDomainDeployer()
} else if name == "azure" {
return CreateAzureDeployer()
} else if name == "volc" {
return CreateVolcDeployer()
} else {
return nil, fmt.Errorf("create deployer failed: no deployer named %s", name)
}
2 changes: 1 addition & 1 deletion pkg/deployer/tencentcloud.go
@@ -26,7 +26,7 @@ func (d *TencentCloudDeployer) Deploy(domains []string, cert, key string) error

log.Println("getting tencent cloud CDN domains matching given certificates")
for _, domain := range domains {
normalizedDomain := normalizeDomain(domain)
normalizedDomain := normalizeWildcardDomain(domain)
fuzzy := false
if normalizedDomain[0] == '.' {
fuzzy = true
10 changes: 5 additions & 5 deletions pkg/deployer/udomain.go
@@ -80,10 +80,10 @@ func (d *UDomainDeployer) Deploy(domains []string, cert, key string) error {
}
_, err := c.R().SetResult(&response).SetError(&response).Get("/c/v1/subdomain")
if err != nil {
return fmt.Errorf("failed to request domain: %w", err)
return fmt.Errorf("failed to volcRequest domain: %w", err)
}
if response.Code != "0" {
return fmt.Errorf("failed to get domain %s(%s): %w", response.Code, response.Message)
return fmt.Errorf("failed to get domain %s(%s)", response.Code, response.Message)
}

subdomainIds := make([]int, 0)
@@ -114,10 +114,10 @@ func (d *UDomainDeployer) Deploy(domains []string, cert, key string) error {
}
_, err = c.R().SetResult(&certResult).SetError(&certResult).SetBody(&certRequest).Post("/c/v1/certificate")
if err != nil {
return fmt.Errorf("failed to upload certificate request: %w", err)
return fmt.Errorf("failed to upload certificate volcRequest: %w", err)
}
if certResult.Code != "0" {
return fmt.Errorf("failed to upload certificate %s(%s): %w", certResult.Code, certResult.Message)
return fmt.Errorf("failed to upload certificate %s(%s)", certResult.Code, certResult.Message)
}
certId := certResult.Payload.CertificateID
log.Printf("successfully uploaded certificate #%d", certId)
@@ -136,7 +136,7 @@ func (d *UDomainDeployer) Deploy(domains []string, cert, key string) error {
}
r, err := c.R().SetBody(&request).SetError(&result).Put("/c/v1/configuration")
if err != nil {
return fmt.Errorf("failed to update domain request: %w", err)
return fmt.Errorf("failed to update domain volcRequest: %w", err)
}
if r.StatusCode() > 299 {
return fmt.Errorf("failed to update domain: %s %s", result.Code, result.Message)
4 changes: 2 additions & 2 deletions pkg/deployer/upyun.go
@@ -125,10 +125,10 @@ func (u *UpyunDeployer) MigrateDomainCertificate(certId, domain string) error {

func checkApiResult(resp *resty.Response, err error) error {
if err != nil {
return fmt.Errorf("request failed: %w", err)
return fmt.Errorf("volcRequest failed: %w", err)
}
if resp == nil {
return fmt.Errorf("request failed: response is nil")
return fmt.Errorf("volcRequest failed: response is nil")
}
json := resp.String()
if gjson.Get(json, "data.error_code").Exists() {