【新增】【部署】新增火山引擎CDN

backend/internal/cert/deploy/client/volcengine/volcengineCdn.go

@@ -0,0 +1,66 @@
+package deploy
+
+import (
+	"fmt"
+	"github.com/volcengine/volcengine-go-sdk/service/cdn"
+	"github.com/volcengine/volcengine-go-sdk/volcengine"
+	"github.com/volcengine/volcengine-go-sdk/volcengine/credentials"
+	"github.com/volcengine/volcengine-go-sdk/volcengine/session"
+	"regexp"
+)
+
+type VolcEngineCdnClient struct {
+	*cdn.CDN
+}
+
+func ClientVolcEngineCdn(ak, sk, region string) (*VolcEngineCdnClient, error) {
+	config := volcengine.NewConfig().
+		WithRegion(region).
+		WithCredentials(credentials.NewStaticCredentials(ak, sk, ""))
+	sess, err := session.NewSession(config)
+	if err != nil {
+		return nil, fmt.Errorf("创建火山引擎CDN客户端失败: %w", err)
+	}
+	cdnClient := &VolcEngineCdnClient{
+		CDN: cdn.New(sess),
+	}
+	return cdnClient, nil
+}
+
+func (v *VolcEngineCdnClient) IUploadCert(certContent, certKey string) (string, error) {
+	// 创建证书上传请求
+	input := &cdn.AddCertificateInput{
+		Certificate: volcengine.String(certContent),
+		PrivateKey:  volcengine.String(certKey),
+		Repeatable:  volcengine.Bool(false),
+		Source:      volcengine.String("volc_cert_center"),
+	}
+	
+	output, err := v.AddCertificate(input)
+	if err != nil {
+		if output.Metadata.Error.Code == "InvalidParameter.Certificate.Duplicated" {
+			re := regexp.MustCompile(`cert-[a-f0-9]{32}`)
+			certId := re.FindString(output.Metadata.Error.Message)
+			fmt.Printf("相同证书已存在 certId:%s\n", certId)
+			return certId, nil
+		}
+		return "", fmt.Errorf("上传证书失败: %w", err)
+	}
+	return *output.CertId, nil
+}
+
+func (v *VolcEngineCdnClient) IBatchDeployCert(certId, domain string) error {
+	batchDeployCertInput := &cdn.BatchDeployCertInput{
+		CertId: volcengine.String(certId),
+		Domain: volcengine.String(domain),
+	}
+	
+	res, err := v.BatchDeployCert(batchDeployCertInput)
+	if err != nil {
+		return fmt.Errorf("部署证书失败: %w", err)
+	}
+	if *res.DeployResult[0].Status != "success" {
+		return fmt.Errorf("部署证书失败: %s", *res.DeployResult[0].ErrorMsg)
+	}
+	return err
+}

backend/internal/cert/deploy/volcengine.go

@@ -0,0 +1,75 @@
+package deploy
+
+import (
+	"ALLinSSL/backend/internal/access"
+	volccdn "ALLinSSL/backend/internal/cert/deploy/client/volcengine"
+	"encoding/json"
+	"fmt"
+	"strconv"
+)
+
+func DeployVolcEngineCdn(cfg map[string]any) error {
+	cert, ok := cfg["certificate"].(map[string]any)
+	if !ok {
+		return fmt.Errorf("证书不存在")
+	}
+	var providerID string
+	switch v := cfg["provider_id"].(type) {
+	case float64:
+		providerID = strconv.Itoa(int(v))
+	case string:
+		providerID = v
+	default:
+		return fmt.Errorf("参数错误：provider_id")
+	}
+	region, ok := cfg["region"].(string)
+	if !ok {
+		return fmt.Errorf("参数错误：region")
+	}
+	providerData, err := access.GetAccess(providerID)
+	if err != nil {
+		return err
+	}
+	providerConfigStr, ok := providerData["config"].(string)
+	if !ok {
+		return fmt.Errorf("api配置错误")
+	}
+	// 解析 JSON 配置
+	var providerConfig map[string]string
+	err = json.Unmarshal([]byte(providerConfigStr), &providerConfig)
+	if err != nil {
+		return err
+	}
+	
+	client, err := volccdn.ClientVolcEngineCdn(providerConfig["access_key"], providerConfig["secret_key"], region)
+	if err != nil {
+		return err
+	}
+	domain, ok := cfg["domain"].(string)
+	if !ok {
+		return fmt.Errorf("参数错误：domain")
+	}
+	// 设置证书
+	keyPem, ok := cert["key"].(string)
+	if !ok {
+		return fmt.Errorf("证书错误：key")
+	}
+	certPem, ok := cert["cert"].(string)
+	if !ok {
+		return fmt.Errorf("证书错误：cert")
+	}
+	
+	certId, err := client.IUploadCert(certPem, keyPem)
+	if err != nil {
+		return fmt.Errorf("上传证书失败: %w", err)
+	}
+	err = client.IBatchDeployCert(certId, domain)
+	if err != nil {
+		return fmt.Errorf("部署证书失败: %w", err)
+	}
+	
+	if err != nil {
+		return err
+	}
+	return nil
+}