@be-link/shield-for-tcb-node-sdk 0.0.1

package/README.md

@@ -0,0 +1,88 @@
+# ShieldForTCB SDK
+
+ShieldForTCB Node.js SDK - 敏感信息管理服务客户端
+
+## 安装
+
+```bash
+npm install @be-link/shield-for-tcb-node-sdk
+# 或
+pnpm add @be-link/shield-for-tcb-node-sdk
+```
+
+## 使用
+
+```typescript
+import { backendConfigService, frontendConfigService } from '@be-link/shield-for-tcb-node-sdk'
+
+// 服务端使用（默认，包含异常处理）
+const config = await backendConfigService.fetchConfig({ key: 'your-key', type: 'json' })
+
+// 前端使用（跳过异常处理，直接抛出原始错误）
+const frontendConfig = await frontendConfigService.fetchConfig({ key: 'your-key', type: 'json' })
+
+// 获取全局动态配置
+const globalConfig = await backendConfigService.fetchGlobalDynamicConfig()
+
+// 获取 COS 临时密钥
+const cosTempSecret = await backendConfigService.getCosTempSecret()
+```
+
+## 发布流程
+
+### 自动发布（推荐）
+
+使用发布脚本，会自动完成版本更新、构建和发布：
+
+```bash
+# 在 SDK 目录下执行
+cd packages/sdk
+pnpm publish
+
+# 或在根目录执行
+pnpm publish:sdk
+```
+
+发布脚本会自动：
+1. 设置 npm 配置和认证（需要 `NPM_DEPLOY_TOKEN` 环境变量）
+2. 更新版本号（使用 `npm version patch`，只读模式）
+3. 构建项目
+4. 发布到 npm（使用 `pnpm publish --no-git-checks`，只读文件发布）
+5. 发送飞书通知（需要 `FEISHU_WEBHOOK_URL` 环境变量）
+
+### 环境变量
+
+发布脚本需要以下环境变量（可选）：
+
+- `NPM_DEPLOY_TOKEN`: npm 发布 token
+- `FEISHU_WEBHOOK_URL`: 飞书 webhook URL（用于发送发布通知）
+
+### CI/CD 集成
+
+在 Jenkins 或其他 CI/CD 平台中，可以这样使用：
+
+```bash
+export NPM_DEPLOY_TOKEN="your-token"
+export FEISHU_WEBHOOK_URL="https://open.feishu.cn/open-apis/bot/v2/hook/xxx"
+cd packages/sdk
+pnpm publish
+```
+
+### 手动发布
+
+如果需要手动发布：
+
+```bash
+# 1. 构建
+pnpm build
+
+# 2. 进入 dist 目录发布（只读文件发布）
+cd dist
+pnpm publish --no-git-checks --access public
+cd ..
+```
+
+## License
+
+ISC
+

package/index.d.ts

@@ -0,0 +1,2 @@
+export { backendConfigService, frontendConfigService } from './modules/config/service';
+export type { Service as ConfigControllerTypes } from './modules/config/types';

package/index.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.frontendConfigService = exports.backendConfigService = void 0;
+var service_1 = require("./modules/config/service");
+Object.defineProperty(exports, "backendConfigService", { enumerable: true, get: function () { return service_1.backendConfigService; } });
+Object.defineProperty(exports, "frontendConfigService", { enumerable: true, get: function () { return service_1.frontendConfigService; } });

package/modules/BaseService.d.ts

@@ -0,0 +1,14 @@
+export default abstract class BaseService {
+    private isPublicEnv;
+    /** URL一级路径 */
+    protected abstract prefixUrl: string;
+    /** 子网域名 */
+    protected readonly natDevHost = "http://yayvmsbg.shield-for-tcb.07vmo6rk.by26x7u9.com:8090";
+    protected readonly natProdHost = "";
+    /** 公网域名 */
+    protected readonly publicDevHost = "https://shield-for-tcb-196345-5-1304510571.sh.run.tcloudbase.com";
+    protected readonly publicProdHost = "";
+    constructor();
+    /** 获取API URL */
+    protected getApiUrl(func: Function): string;
+}

package/modules/BaseService.js

@@ -0,0 +1,31 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const env_1 = __importDefault(require("../utils/env"));
+const string_1 = require("../utils/string");
+class BaseService {
+    constructor() {
+        /** 子网域名 */
+        this.natDevHost = 'http://yayvmsbg.shield-for-tcb.07vmo6rk.by26x7u9.com:8090';
+        this.natProdHost = '';
+        /** 公网域名 */
+        this.publicDevHost = 'https://shield-for-tcb-196345-5-1304510571.sh.run.tcloudbase.com';
+        this.publicProdHost = '';
+        /** 如果是云函数环境, 默认走公网访问 */
+        this.isPublicEnv = (process.env.CONTAINER_ENV || 'SCF') === 'SCF';
+    }
+    /** 获取API URL */
+    getApiUrl(func) {
+        const host = this.isPublicEnv
+            ? env_1.default.isProduction()
+                ? this.publicProdHost
+                : this.publicDevHost
+            : env_1.default.isProduction()
+                ? this.natProdHost
+                : this.natDevHost;
+        return `${host}${this.prefixUrl}/${(0, string_1.camelToKebabCase)(func.name)}`;
+    }
+}
+exports.default = BaseService;

package/modules/config/service.d.ts

@@ -0,0 +1,19 @@
+import { Service } from './types';
+import BaseService from '../BaseService';
+type CallerType = 'frontend' | 'backend';
+export interface ConfigServiceOptions {
+    caller?: CallerType;
+}
+export declare class ConfigService extends BaseService implements Service.ConfigController {
+    protected prefixUrl: string;
+    private caller;
+    constructor(options?: ConfigServiceOptions);
+    private get shouldSkipErrorHandling();
+    fetchConfig(req: Service.Request.QueryFetchConfig): Promise<any>;
+    fetchGlobalDynamicConfig(): Promise<Service.Response.IFetchGlobalDynamicConfigResponse>;
+    getCosTempSecret(): Promise<Service.Response.CosTempSecretResponse>;
+    fetchSystemTime(): Promise<Date>;
+}
+export declare const backendConfigService: ConfigService;
+export declare const frontendConfigService: ConfigService;
+export {};

package/modules/config/service.js

@@ -0,0 +1,35 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.frontendConfigService = exports.backendConfigService = exports.ConfigService = void 0;
+const http_1 = require("../../utils/http");
+const BaseService_1 = __importDefault(require("../BaseService"));
+class ConfigService extends BaseService_1.default {
+    constructor(options) {
+        super();
+        this.prefixUrl = '/config';
+        this.caller = options?.caller ?? 'backend';
+    }
+    get shouldSkipErrorHandling() {
+        return this.caller === 'frontend';
+    }
+    fetchConfig(req) {
+        return (0, http_1.callApi)(this.getApiUrl(this.fetchConfig), req, {
+            skipErrorHandling: this.shouldSkipErrorHandling,
+        });
+    }
+    fetchGlobalDynamicConfig() {
+        return (0, http_1.callApi)(this.getApiUrl(this.fetchGlobalDynamicConfig), undefined, { skipErrorHandling: this.shouldSkipErrorHandling });
+    }
+    getCosTempSecret() {
+        return (0, http_1.callApi)(this.getApiUrl(this.getCosTempSecret), undefined, { skipErrorHandling: this.shouldSkipErrorHandling });
+    }
+    fetchSystemTime() {
+        return (0, http_1.callApi)(this.getApiUrl(this.fetchSystemTime), undefined, { skipErrorHandling: this.shouldSkipErrorHandling });
+    }
+}
+exports.ConfigService = ConfigService;
+exports.backendConfigService = new ConfigService({ caller: 'backend' });
+exports.frontendConfigService = new ConfigService({ caller: 'frontend' });

package/modules/config/types.d.ts

@@ -0,0 +1,65 @@
+export declare namespace Service {
+    namespace Entity { }
+    namespace Request {
+        /**
+         * 获取配置请求参数
+         */
+        interface QueryFetchConfig {
+            key: string;
+            type?: 'json' | 'yaml';
+            env?: string;
+        }
+    }
+    namespace Response {
+        /**
+         * 获取全局动态配置响应
+         */
+        interface IFetchGlobalDynamicConfigResponse {
+            [key: string]: any;
+        }
+        /**
+         * COS 临时密钥凭证
+         */
+        interface Credentials {
+            sessionToken: string;
+            tmpSecretId: string;
+            tmpSecretKey: string;
+        }
+        /**
+         * COS 临时密钥响应
+         */
+        interface CosTempSecretResponse {
+            expiredTime: number;
+            expiration: string;
+            credentials: Credentials;
+            requestId: string;
+            startTime: number;
+        }
+    }
+    /**
+     * Config Controller 接口定义
+     */
+    interface ConfigController {
+        /**
+         * 获取配置
+         * @param req 请求参数
+         * @returns 配置数据
+         */
+        fetchConfig(req: Service.Request.QueryFetchConfig): Promise<any>;
+        /**
+         * 获取全局动态配置
+         * @returns 全局动态配置数据
+         */
+        fetchGlobalDynamicConfig(): Promise<Service.Response.IFetchGlobalDynamicConfigResponse>;
+        /**
+         * 获取 COS 临时密钥
+         * @returns COS 临时密钥数据
+         */
+        getCosTempSecret(): Promise<Service.Response.CosTempSecretResponse>;
+        /**
+         * 获取系统时间
+         * @returns 系统时间
+         */
+        fetchSystemTime(): Promise<Date>;
+    }
+}

package/modules/config/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/package.json

@@ -0,0 +1,29 @@
+{
+  "name": "@be-link/shield-for-tcb-node-sdk",
+  "version": "0.0.1",
+  "description": "ShieldForTCB Node.js SDK",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "keywords": [
+    "shield",
+    "tcb",
+    "sdk"
+  ],
+  "author": "",
+  "license": "ISC",
+  "publishConfig": {
+    "access": "public"
+  },
+  "dependencies": {
+    "axios": "1.13.2",
+    "axios-retry": "^4.0.0",
+    "uuid": "^9.0.1"
+  },
+  "devDependencies": {
+    "@types/uuid": "^9.0.6"
+  },
+  "scripts": {
+    "build": "rm -rf ./dist && tsc && cp package.json README.md ./dist/ 2>/dev/null || true",
+    "test": "jest"
+  }
+}

package/utils/env.d.ts

@@ -0,0 +1,12 @@
+declare class EnvUtils {
+    /**
+     * 判断是否为生产环境
+     */
+    isProduction(): boolean;
+    /**
+     * 获取环境变量
+     */
+    getEnv(key: string, defaultValue?: string): string | undefined;
+}
+declare const envUtils: EnvUtils;
+export default envUtils;

package/utils/env.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+class EnvUtils {
+    /**
+     * 判断是否为生产环境
+     */
+    isProduction() {
+        return process.env.NODE_ENV === 'prod';
+    }
+    /**
+     * 获取环境变量
+     */
+    getEnv(key, defaultValue) {
+        return process.env[key] || defaultValue;
+    }
+}
+const envUtils = new EnvUtils();
+exports.default = envUtils;

package/utils/http.d.ts

@@ -0,0 +1,5 @@
+type CallApiOptions = {
+    skipErrorHandling?: boolean;
+};
+export declare function callApi<T extends (args: any) => Promise<any>>(url: string, request?: Parameters<T>[0], options?: CallApiOptions): Promise<Awaited<ReturnType<T>>>;
+export {};

package/utils/http.js

@@ -0,0 +1,99 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.callApi = callApi;
+const axios_1 = __importDefault(require("axios"));
+const uuid_1 = require("uuid");
+const axios_retry_1 = __importDefault(require("axios-retry"));
+(0, axios_retry_1.default)(axios_1.default, {
+    retries: 1,
+    retryCondition(error) {
+        return error.response?.status === 502;
+    },
+    retryDelay: (retryCount) => {
+        console.info(`retryCount: ${retryCount}, retryDelay: ${retryCount * 500}`);
+        return retryCount * 500;
+    },
+    onRetry(retryCount, error, requestConfig) {
+        console.info(`retryCount: ${retryCount}, onRetry: ${error.message}, requestHeader: ${JSON.stringify(requestConfig.headers)}`);
+    },
+});
+async function callApi(url, request, options) {
+    const requestId = (0, uuid_1.v4)();
+    try {
+        console.info(`准备发起SHIELD-FOR-TCB请求[${requestId}]: ${url}, 参数: ${JSON.stringify(request)}`);
+        const response = await axios_1.default.post(url, request, { headers: { 'x-request-id': requestId } });
+        const responseData = response.data;
+        return responseData.data;
+    }
+    catch (error) {
+        if (options?.skipErrorHandling) {
+            throw error;
+        }
+        const axiosError = error;
+        if (axiosError.response) {
+            const response = axiosError.response;
+            const data = response.data;
+            console.error(`SHIELD 异常: ${axiosError.message},requestId: ${requestId}`);
+            console.info('响应信息', data.message);
+            console.error('异常堆栈', JSON.stringify(error.stack));
+            throw new Error(data.errorType + ' - ' + data.message);
+        }
+        // 调用dns模块解析url
+        const dns = await Promise.resolve().then(() => __importStar(require('dns')));
+        const dnsPromise = new Promise((resolve, reject) => {
+            const lookupRes = dns.lookup(url, (err, address) => {
+                if (err) {
+                    console.error(err.message);
+                    reject(err);
+                }
+                console.info(`lookup: ${JSON.stringify(lookupRes)}`);
+                resolve(address);
+            });
+        });
+        try {
+            const address = await dnsPromise;
+            console.info(`address: ${JSON.stringify(address)}`);
+        }
+        catch (error) {
+            console.info(`error: ${JSON.stringify(error)}`);
+        }
+        console.error(`SHIELD 未知异常: ${axiosError.message}`, error.stack);
+        throw error;
+    }
+}

package/utils/string.d.ts

@@ -0,0 +1,9 @@
+/**
+ * 将驼峰命名转换为短横线命名
+ * @param str 驼峰命名字符串
+ * @returns 短横线命名字符串
+ * @example
+ * camelToKebabCase('fetchConfig') // 'fetch-config'
+ * camelToKebabCase('getCosTempSecret') // 'get-cos-temp-secret'
+ */
+export declare function camelToKebabCase(str: string): string;

package/utils/string.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.camelToKebabCase = camelToKebabCase;
+/**
+ * 将驼峰命名转换为短横线命名
+ * @param str 驼峰命名字符串
+ * @returns 短横线命名字符串
+ * @example
+ * camelToKebabCase('fetchConfig') // 'fetch-config'
+ * camelToKebabCase('getCosTempSecret') // 'get-cos-temp-secret'
+ */
+function camelToKebabCase(str) {
+    return str.replace(/([a-z])([A-Z])/g, '$1-$2').toLowerCase();
+}