本文介绍: 通过上述步骤我们成功地实现通过Go语言操作华为云CDN刷新服务功能,并将其集成到Jenkins任务中,同时安全管理敏感的AK/SK凭证。这样的自动化工具对于管理大量的CDN资源来说非常有用,可以大大提高工作效率。注:以上大纲chatgpt生成代码结构也是,代码基本也是chatgpt生成,貌似中间就有几个&指针数据格式问题修改了一下。

引言

华为云上,对CDN缓存内容进行刷新一个常见的需求,以确保最新内容能尽快被用户访问到。通过使用Go语言我们可以开发一个自动化的工具来实现这一需求,并将其集成到Jenkins中以实现持续部署。下面我们将分步骤讲解如何实现

1. 实现CDN的刷新

要用Go实现华为云CDN的刷新工作我们需要首先安装go-sdk,这是华为云为Go开发者提供的SDK,包含操作华为云服务的API接口

步骤1.1 安装华为云官方Go SDK

我们可以使用go get命令安装SDK:

go get -u github.com/huaweicloud/huaweicloud-sdk-go-v3

步骤1.2 创建CDN刷新任务

使用华为云apiexplorer查看一下cdn实例代码
image.png
创建刷新缓存任务实例,有V1 V2版本区别,但是看了一眼,目测代码没有什么区别这里就继续使用v1版本了:

package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
    cdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := global.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := cdn.NewCdnClient(
        cdn.CdnClientBuilder().
            WithRegion(region.ValueOf("cn-north-1")).
            WithCredential(auth).
            Build())

    request := &model.CreateRefreshTasksRequest{}
	request.Body = &model.RefreshTaskRequest{
	}
	response, err := client.CreateRefreshTasks(request)
	if err == nil {
        fmt.Printf("%+vn", response)
    } else {
        fmt.Println(err)
    }
}

根据上面的代码一个简单实例,演示如何使用华为云Go SDK创建CDN刷新任务
域名使用 传入的方式,这里就直接使用os.Args,传递参数

package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/config"
	cdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1/model"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1/region"
	"os"
)

func main() {
	if len(os.Args) < 2 {
		fmt.Println("Usage: go run main.go <your-cdn-url>")
		return
	}

	cdnUrl := os.Args[1]

	ak := "YOUR_ACCESS_KEY"
	sk := "YOUR_SECRET_KEY"
	auth := global.NewCredentialsBuilder().
		WithAk(ak).
		WithSk(sk).
		Build()

	hcClient := cdn.NewCdnClient(
		cdn.CdnClientBuilder().
			WithRegion(region.ValueOf("cn-north-1")).
			WithCredential(auth).
			WithHttpConfig(config.DefaultHttpConfig()).
			Build())
	// Create CDN refresh task
	createRefreshTask(hcClient, cdnUrl)
}

func createRefreshTask(hcClient *cdn.CdnClient, cdnUrl string) {
	refreshTaskRequest := &amp;model.CreateRefreshTasksRequest{}
	typeRefreshTask := model.GetRefreshTaskRequestBodyTypeEnum().DIRECTORY
	modeRefreshTask := model.GetRefreshTaskRequestBodyModeEnum().DETECT_MODIFY_REFRESH
	zhUrlEncodeRefreshTask := false
	refreshTaskbody := &amp;model.RefreshTaskRequestBody{
		Type:        &amp;typeRefreshTask,
		Mode:        &amp;modeRefreshTask,
		ZhUrlEncode: &amp;zhUrlEncodeRefreshTask,
		Urls:        []string{cdnUrl},
	}
	refreshTaskRequest.Body = &amp;model.RefreshTaskRequest{
		RefreshTask: refreshTaskbody,
	}
	// Create the refresh task
	response, err := hcClient.CreateRefreshTasks(refreshTaskRequest)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Error creating CDN refresh task: %sn", err)
		os.Exit(2)
	}

	fmt.Printf("CDN refresh task created successfully: %sn", response)
}

在上述代码中,替换**YOUR_ACCESS_KEY****YOUR_SECRET_KEY**为你的华为云账号密钥信息
尝试运行脚本

go run main.go https://xxx.xxx.com/

image.png
末尾以**/**单斜线结尾!
注:以上代码以刷新目录为例,且只刷新变更资源!具体参数或者其他需求可以参考https://console.huaweicloud.com/apiexplorer/#/openapi/CDN/doc?version=v1&api=CreateRefreshTasks文档参数

2. 查询file URL余量

创建刷新任务后,我们可能还需要查询当前账户下的URL刷新余量,以确保后续操作不会受到次数限制影响

步骤2.1 查询CDN file URL余量

可以在上面的Go程序中继续添加以下查询余量的代码片段:
参照:https://console.huaweicloud.com/apiexplorer/#/openapi/CDN/debug?version=v1&api=ShowQuota
image.png
尝试调试查看返回数据结构编写代码如下

// 查询URL 目录余量
func queryCdnQuota(hcClient *cdn.CdnClient) {
	request := &amp;model.ShowQuotaRequest{}
	response, err := hcClient.ShowQuota(request)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Error querying CDN quota: %sn", err)
		os.Exit(2)
	}

	// 请确保 response.Quotas 不是nil,否则可能会导致空指针异常
	if response.Quotas == nil {
		fmt.Fprintln(os.Stderr, "Error: received nil Quotas in response")
		os.Exit(2)
	}

	// 自定义类型名称映射
	typeNameMap := map[string]string{
		"file_refresh": "缓存刷新剩余Url条数",
		"dir_refresh":  "缓存刷新剩余目录数",
	}

	// Print out the customized quota information
	fmt.Println("CDN quota information:")
	for _, quota := range *response.Quotas {
		// 检查quota.Type是否我们关心的类型之一
		if customName, ok := typeNameMap[*quota.Type]; ok {
			remaining := *quota.QuotaLimit - *quota.Used
			fmt.Printf("- %s: %dn", customName, remaining)
		}
	}
}

在main函数中增加一下代码:

	queryCdnQuota(hcClient)

此片段會在创建CDN刷新任务之后调用ShowQuota接口,查询并打印当前账户的URL以及目录刷新余量信息typeNameMap部分是我想自定义一下输出打印名称,增加可读性!
完成代码如下

package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/config"
	cdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1/model"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1/region"
	"os"
)

func main() {
	if len(os.Args) < 2 {
		fmt.Println("Usage: go run main.go <your-cdn-url>")
		return
	}

	cdnUrl := os.Args[1]

	ak := "YOUR_ACCESS_KEY"
	sk := "YOUR_SECRET_KEY"
	auth := global.NewCredentialsBuilder().
		WithAk(ak).
		WithSk(sk).
		Build()

	hcClient := cdn.NewCdnClient(
		cdn.CdnClientBuilder().
			WithRegion(region.ValueOf("cn-north-1")).
			WithCredential(auth).
			WithHttpConfig(config.DefaultHttpConfig()).
			Build())
	// Create CDN refresh task
	createRefreshTask(hcClient, cdnUrl)
}

func createRefreshTask(hcClient *cdn.CdnClient, cdnUrl string) {
	refreshTaskRequest := &model.CreateRefreshTasksRequest{}
	typeRefreshTask := model.GetRefreshTaskRequestBodyTypeEnum().DIRECTORY
	modeRefreshTask := model.GetRefreshTaskRequestBodyModeEnum().DETECT_MODIFY_REFRESH
	zhUrlEncodeRefreshTask := false
	refreshTaskbody := &model.RefreshTaskRequestBody{
		Type:        &typeRefreshTask,
		Mode:        &modeRefreshTask,
		ZhUrlEncode: &zhUrlEncodeRefreshTask,
		Urls:        []string{cdnUrl},
	}
	refreshTaskRequest.Body = &model.RefreshTaskRequest{
		RefreshTask: refreshTaskbody,
	}
	// Create the refresh task
	response, err := hcClient.CreateRefreshTasks(refreshTaskRequest)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Error creating CDN refresh task: %sn", err)
		os.Exit(2)
	}

	fmt.Printf("CDN refresh task created successfully: %sn", response)
}

运行代码返回数据格式如下:

go run main.go https://xxx.xxx.com/

image.png

3. 在Jenkins节点上运行程序

一旦我们的Go程序可以正确执行CDN刷新和查询余量的操作接下来步骤就是在Jenkins中配置程序的运行环境

步骤3.1 创建一个新的Jenkins任务

在Jenkins中创建一个Freestyle项目或者Pipeline项目,此部分取决于你的工作流。为了简便说明,我们这里以Freestyle项目为例。

步骤3.2 配置构建步骤

首先添加一个参数构建过程,传入参数:
image.png
限制一下可运行的节点
image.png

在你的Jenkins任务配置页中,添加一个构建步骤,选择“Execute shell”(对于Linux系统)或“Execute Windows batch command”(对于Windows系统),并填入以下内容
image.png

# 假设你的Go程序名为`main`,且已经编译到Jenkins的工作空间
cd /home/flush-hw&&./main $dir

确保构建环境中已经安装了Go运行时,并且环境变量已经配置,这样main程序才可以在Jenkins节点上运行没有问题
注:main要有可执行权限复制过来要记得chmod +x main .

4. 使用Jenkins Credentials管理AK/SK密钥

为了避免在代码中硬编码敏感信息,如Access Key和Secret Key,推荐使用Jenkins的Credentials插件来管理这些密钥

步骤4.1 添加Credentials

在Jenkins中进入Credentials管理页面添加一个新的Credentials,选择“Secret text”,其中**Secret**字段填入AK:SK的格式记住这里的**ID,**接下来绑定的时候会用到
image.png
image.png

步骤4.2 修改Go程序获取Credentials

之后,你需要修改Go程序,让其从环境变量读取AK和SK。例如:

package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/config"
	cdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1/model"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v1/region"
	"os"
	"strings"
)

func main() {
	if len(os.Args) < 2 {
		fmt.Println("Usage: go run main.go <your-cdn-url>")
		return
	}

	cdnUrl := os.Args[1]

	// 尝试环境变量获取ak和sk
	creds := os.Getenv("huaweiyun-hn-cdn")
	if creds == "" {
		fmt.Fprintln(os.Stderr, "Error: Credentials environment variable is not set.")
		os.Exit(1)
	}

	parts := strings.SplitN(creds, ":", 2)
	if len(parts) != 2 {
		fmt.Fprintln(os.Stderr, "Error: Invalid credential format. Expected 'AK:SK'.")
		os.Exit(1)
	}

	ak, sk := parts[0], parts[1]
	auth := global.NewCredentialsBuilder().
		WithAk(ak).
		WithSk(sk).
		Build()

	hcClient := cdn.NewCdnClient(
		cdn.CdnClientBuilder().
			WithRegion(region.ValueOf("cn-north-1")).
			WithCredential(auth).
			WithHttpConfig(config.DefaultHttpConfig()).
			Build())
	// Create CDN refresh task
	createRefreshTask(hcClient, cdnUrl)

	// Query remaining refresh and preload quota
	queryCdnQuota(hcClient)
}

func createRefreshTask(hcClient *cdn.CdnClient, cdnUrl string) {
	refreshTaskRequest := &model.CreateRefreshTasksRequest{}
	typeRefreshTask := model.GetRefreshTaskRequestBodyTypeEnum().DIRECTORY
	modeRefreshTask := model.GetRefreshTaskRequestBodyModeEnum().DETECT_MODIFY_REFRESH
	zhUrlEncodeRefreshTask := false
	refreshTaskbody := &model.RefreshTaskRequestBody{
		Type:        &typeRefreshTask,
		Mode:        &modeRefreshTask,
		ZhUrlEncode: &zhUrlEncodeRefreshTask,
		Urls:        []string{cdnUrl},
	}
	refreshTaskRequest.Body = &model.RefreshTaskRequest{
		RefreshTask: refreshTaskbody,
	}
	// Create the refresh task
	response, err := hcClient.CreateRefreshTasks(refreshTaskRequest)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Error creating CDN refresh task: %sn", err)
		os.Exit(2)
	}

	fmt.Printf("CDN refresh task created successfully: %sn", response)
}
func queryCdnQuota(hcClient *cdn.CdnClient) {
	request := &model.ShowQuotaRequest{}
	response, err := hcClient.ShowQuota(request)
	if err != nil {
		fmt.Fprintf(os.Stderr, "Error querying CDN quota: %sn", err)
		os.Exit(2)
	}

	// 请确保 response.Quotas 不是nil,否则可能会导致空指针异常
	if response.Quotas == nil {
		fmt.Fprintln(os.Stderr, "Error: received nil Quotas in response")
		os.Exit(2)
	}

	// 自定义类型名称映射
	typeNameMap := map[string]string{
		"file_refresh": "缓存刷新剩余Url条数",
		"dir_refresh":  "缓存刷新剩余目录数",
	}

	// Print out the customized quota information
	fmt.Println("CDN quota information:")
	for _, quota := range *response.Quotas {
		// 检查quota.Type是否为我们关心的类型之一
		if customName, ok := typeNameMap[*quota.Type]; ok {
			remaining := *quota.QuotaLimit - *quota.Used
			fmt.Printf("- %s: %dn", customName, remaining)
		}
	}
}

步骤4.3 配置Jenkins任务以传递Credentials

在Jenkins任务的构建环境配置中,使用Credentials Binding插件将新添加的Credentials绑定到相应的环境变量中。在“Build Environment”选择“Use secret text(s) or file(s)”,命名xxx绑定AK/SK到指定凭据:
image.png

步骤4.4 测试运行

最后,在Jenkins中运行配置好的任务,检查输出以确保CDN刷新和余量查询均运行顺利。
image.png
image.png

5. 其他的需求

1. 经常输入域名的时候忘记/单斜线,是否可以自动补全?

2. 设置阈值?剩余量到20可以自动报警邮件or短信

3. 优雅的pipeline?

结语

通过上述步骤,我们成功地实现了通过Go语言操作华为云CDN刷新服务功能,并将其集成到Jenkins任务中,同时安全地管理了敏感的AK/SK凭证。这样的自动化工具对于管理大量的CDN资源来说非常有用,可以大大提高工作效率。
注:以上大纲chatgpt生成代码结构也是,代码基本也是chatgpt生成,貌似中间就有几个&指针数据格式问题修改了一下

原文地址:https://blog.csdn.net/saynaihe/article/details/134649245

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任

如若转载,请注明出处:http://www.7code.cn/show_15163.html

如若内容造成侵权/违法违规/事实不符,请联系代码007邮箱:suwngjj01@126.com进行投诉反馈,一经查实,立即删除

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注