From 729e1e11768b5a23538842156811333f7c00b508 Mon Sep 17 00:00:00 2001 From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com> Date: Tue, 17 Aug 2021 19:37:00 +0800 Subject: [PATCH] chang SCF update --- platform/TencentSCF_env.php | 155 +++++++++++++++++++++++++++++++++--- 1 file changed, 144 insertions(+), 11 deletions(-) diff --git a/platform/TencentSCF_env.php b/platform/TencentSCF_env.php index c71993c..49bb0f8 100644 --- a/platform/TencentSCF_env.php +++ b/platform/TencentSCF_env.php @@ -371,9 +371,6 @@ function SetbaseConfig($Envs, $function_name, $Region, $Namespace, $SecretId, $S { //echo json_encode($Envs,JSON_PRETTY_PRINT); if ($Envs['ONEMANAGER_CONFIG_SAVE'] == 'file') $Envs = Array( 'ONEMANAGER_CONFIG_SAVE' => 'file' ); - /*$trynum = 0; - while( json_decode(getfunctioninfo($_SERVER['function_name'], $_SERVER['Region'], $_SERVER['namespace'], $SecretId, $SecretKey),true)['Response']['Status']!='Active' ) echo ' -'.++$trynum;*/ //json_decode($a,true)['Response']['Environment']['Variables'][0]['Key'] $tmp = json_decode(getfunctioninfo($function_name, $Region, $Namespace, $SecretId, $SecretKey),true)['Response']['Environment']['Variables']; foreach ($tmp as $tmp1) { @@ -413,7 +410,7 @@ function SetbaseConfig($Envs, $function_name, $Region, $Namespace, $SecretId, $S return post2url('https://'.$host, $data.'&Signature='.urlencode($signStr)); } -function updateProgram($function_name, $Region, $Namespace, $SecretId, $SecretKey, $source) +function updateProgram_OLD($function_name, $Region, $Namespace, $SecretId, $SecretKey, $source) { WaitSCFStat(); $meth = 'POST'; @@ -452,14 +449,150 @@ namespace:' . $_SERVER['namespace'] . '
'; } -function OnekeyUpate($auth = 'qkqpttgf', $project = 'OneManager-php', $branch = 'master') -{ - $source['url'] = 'https://github.com/' . $auth . '/' . $project; - $source['branch'] = $branch; - return updateProgram($_SERVER['function_name'], $_SERVER['Region'], $_SERVER['namespace'], getConfig('SecretId'), getConfig('SecretKey'), $source); -} - function setConfigResponse($response) { return json_decode( $response, true )['Response']; } + +function updateProgram($function_name, $Region, $Namespace, $SecretId, $SecretKey, $source) +{ + $secretId = $SecretId; + $secretKey = $SecretKey; + $host = 'scf.tencentcloudapi.com'; + $service = "scf"; + $version = "2018-04-16"; + $action = "UpdateFunctionCode"; + $region = $Region; + $timestamp = time(); + $algorithm = "TC3-HMAC-SHA256"; + + // step 1: build canonical request string + $httpRequestMethod = "POST"; + $canonicalUri = "/"; + $canonicalQueryString = ""; + $canonicalHeaders = "content-type:application/json; charset=utf-8\n"."host:".$host."\n"; + $signedHeaders = "content-type;host"; + + //$tmpdata['Action'] = 'UpdateFunctionCode'; + $tmpdata['Code']['ZipFile'] = base64_encode( file_get_contents($source) ); + $tmpdata['CodeSource'] = 'ZipFile'; + $tmpdata['FunctionName'] = $function_name; + $tmpdata['Handler'] = 'index.main_handler'; + //$tmpdata['Namespace'] = $Namespace; + //$tmpdata['Nonce'] = time(); + //$tmpdata['Region'] = $Region; + //$tmpdata['SecretId'] = $SecretId; + //$tmpdata['Timestamp'] = time(); + //$tmpdata['Token'] = ''; + //$tmpdata['Version'] = '2018-04-16'; + $payload = json_encode($tmpdata); + //$payload = '{"Limit": 1, "Filters": [{"Values": ["\u672a\u547d\u540d"], "Name": "instance-name"}]}'; + $hashedRequestPayload = hash("SHA256", $payload); + $canonicalRequest = $httpRequestMethod."\n" + .$canonicalUri."\n" + .$canonicalQueryString."\n" + .$canonicalHeaders."\n" + .$signedHeaders."\n" + .$hashedRequestPayload; + //echo $canonicalRequest.PHP_EOL; + + // step 2: build string to sign + $date = gmdate("Y-m-d", $timestamp); + $credentialScope = $date."/".$service."/tc3_request"; + $hashedCanonicalRequest = hash("SHA256", $canonicalRequest); + $stringToSign = $algorithm."\n" + .$timestamp."\n" + .$credentialScope."\n" + .$hashedCanonicalRequest; + //echo $stringToSign.PHP_EOL; + + // step 3: sign string + $secretDate = hash_hmac("SHA256", $date, "TC3".$secretKey, true); + $secretService = hash_hmac("SHA256", $service, $secretDate, true); + $secretSigning = hash_hmac("SHA256", "tc3_request", $secretService, true); + $signature = hash_hmac("SHA256", $stringToSign, $secretSigning); + //echo $signature.PHP_EOL; + + // step 4: build authorization + $authorization = $algorithm + ." Credential=".$secretId."/".$credentialScope + .", SignedHeaders=content-type;host, Signature=".$signature; + //echo $authorization.PHP_EOL; + + //$curl = "curl -X POST https://".$host + // .' -H "Authorization: '.$authorization.'"' + // .' -H "Content-Type: application/json; charset=utf-8"' + // .' -H "Host: '.$host.'"' + // .' -H "X-TC-Action: '.$action.'"' + // .' -H "X-TC-Timestamp: '.$timestamp.'"' + // .' -H "X-TC-Version: '.$version.'"' + // .' -H "X-TC-Region: '.$region.'"' + // ." -d '".$payload."'"; + //error_log1( $curl.PHP_EOL ); + //return '{"response": {"Error": {"Message":"' . $curl . '"}}}'; + $headers['Authorization'] = $authorization; + $headers['Content-Type'] = 'application/json; charset=utf-8'; + $headers['Host'] = $host; + $headers['X-TC-Action'] = $action; + $headers['X-TC-Timestamp'] = $timestamp; + $headers['X-TC-Version'] = $version; + $headers['X-TC-Region'] = $region; + return curl('POST', 'https://'.$host, $payload, $headers)['body']; +} + +function OnekeyUpate($auth = 'qkqpttgf', $project = 'OneManager-php', $branch = 'master') +{ + $source = '/tmp/code.zip'; + $outPath = '/tmp/'; + + // 从github下载对应tar.gz,并解压 + $url = 'https://github.com/' . $auth . '/' . $project . '/tarball/' . urlencode($branch) . '/'; + $tarfile = '/tmp/github.tar.gz'; + file_put_contents($tarfile, file_get_contents($url)); + $phar = new PharData($tarfile); + $html = $phar->extractTo($outPath, null, true);//路径 要解压的文件 是否覆盖 + + // 获取包中目录名 + $tmp = scandir('phar://'.$tarfile); + $name = $auth.'-'.$project; + foreach ($tmp as $f) { + if ( substr($f, 0, strlen($name)) == $name) { + $outPath .= $f; + break; + } + } + // 放入配置文件 + file_put_contents($outPath . '/.data/config.php', file_get_contents(__DIR__ . '/../.data/config.php')); + + // 将目录中文件打包成zip + //$zip=new ZipArchive(); + $zip=new PharData($source); + //if($zip->open($source, ZipArchive::CREATE)){ + addFileToZip($zip, $outPath); //调用方法,对要打包的根目录进行操作,并将ZipArchive的对象传递给方法 + // $zip->close(); //关闭处理的zip文件 + //} + + return updateProgram($_SERVER['function_name'], $_SERVER['Region'], $_SERVER['namespace'], getConfig('SecretId'), getConfig('SecretKey'), $source); +} + +function addFileToZip($zip, $rootpath, $path = '') +{ + if (substr($rootpath,-1)=='/') $rootpath = substr($rootpath, 0, -1); + if (substr($path,0,1)=='/') $path = substr($path, 1); + $handler=opendir(path_format($rootpath.'/'.$path)); //打开当前文件夹由$path指定。 + while($filename=readdir($handler)){ + if($filename != "." && $filename != ".."){//文件夹文件名字为'.'和‘..’,不要对他们进行操作 + $nowname = path_format($rootpath.'/'.$path."/".$filename); + if(is_dir($nowname)){// 如果读取的某个对象是文件夹,则递归 + $zip->addEmptyDir($path."/".$filename); + addFileToZip($zip, $rootpath, $path."/".$filename); + }else{ //将文件加入zip对象 + $newname = $path."/".$filename; + if (substr($newname,0,1)=='/') $newname = substr($newname, 1); + $zip->addFile($nowname, $newname); + //$zip->renameName($nowname, $newname); + } + } + } + @closedir($path); +}