fix(connector.letsencrypt): Improve Lets Encrypt integration and certificate handling; fix coreflow certificate response; add local assistant permissions config

2025-08-18 21:24:46 +00:00
parent 1580bb1585
commit 4b3b91312b
5 changed files with 34 additions and 14 deletions
--- a/changelog.md
+++ b/changelog.md
@@ -1,5 +1,24 @@
 # Changelog

+## 2025-08-18 - 5.0.6 - fix(connector.letsencrypt)
+Improve Let's Encrypt integration and certificate handling; fix coreflow certificate response; add local assistant permissions config
+
+- Replace ad-hoc setChallenge/removeChallenge hooks with a DNS-01 handler (smartacme.handlers.Dns01Handler) using Cloudflare to manage ACME DNS challenges.
+- Add MongoDB-backed certificate manager (smartacme.certmanagers.MongoCertManager) and pass it to SmartAcme as certManager.
+- Initialize SmartAcme with certManager and challengeHandlers instead of setChallenge/removeChallenge/mongoDescriptor options.
+- Return certificate object directly from coreflow certificate request handler (avoid createSavableObject) to fix the getCertificateForDomain response payload.
+- Add .claude/settings.local.json with local assistant/permissions entries to allow specific debugging/automation commands.
+- Bump commitinfo versions to 5.0.6 and update changelog.
+
+## 2025-08-18 - 5.0.6 - fix(connector.letsencrypt)
+Improve Let's Encrypt integration and certificate handling; add local assistant permissions config
+
+- Replace ad-hoc setChallenge/removeChallenge hooks with a DNS-01 handler using Cloudflare (smartacme.handlers.Dns01Handler) to manage ACME DNS challenges.
+- Add MongoDB-backed certificate manager (smartacme.certmanagers.MongoCertManager) and pass it to SmartAcme as certManager.
+- Update SmartAcme initialization to use certManager and challengeHandlers instead of setChallenge/removeChallenge/mongoDescriptor options.
+- Return certificate object directly from coreflow certificate request handler (avoid createSavableObject), fixing the response payload for getCertificateForDomain.
+- Add .claude/settings.local.json with local assistant/permissions entries to allow specific debugging/automation commands.
+
 ## 2025-08-18 - 5.0.5 - fix(coreflow)
 Fix Coreflow identity lookup and response shape; improve API client tests and bump dependencies

--- a/ts/00_commitinfo_data.ts
+++ b/ts/00_commitinfo_data.ts
@@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@serve.zone/cloudly',
-  version: '5.0.5',
+  version: '5.0.6',
  description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.'
 }
--- a/ts/connector.letsencrypt/connector.ts
+++ b/ts/connector.letsencrypt/connector.ts
@@ -18,21 +18,22 @@ export class LetsencryptConnector {
   * inits letsencrypt
   */
  public async init() {
+    // Create DNS-01 challenge handler using Cloudflare
+    const dnsHandler = new plugins.smartacme.handlers.Dns01Handler(
+      this.cloudlyRef.cloudflareConnector.cloudflare
+    );
+
+    // Create MongoDB certificate manager
+    const certManager = new plugins.smartacme.certmanagers.MongoCertManager(
+      this.cloudlyRef.config.data.mongoDescriptor
+    );
+
    this.smartacme = new plugins.smartacme.SmartAcme({
      accountEmail: this.cloudlyRef.config.data.letsEncryptEmail,
      accountPrivateKey: this.cloudlyRef.config.data.letsEncryptPrivateKey,
      environment: this.cloudlyRef.config.data.environment,
-      setChallenge: async (dnsChallenge) => {
-        await this.cloudlyRef.cloudflareConnector.cloudflare.convenience.acmeSetDnsChallenge(
-          dnsChallenge,
-        );
-      },
-      removeChallenge: async (dnsChallenge) => {
-        await this.cloudlyRef.cloudflareConnector.cloudflare.convenience.acmeRemoveDnsChallenge(
-          dnsChallenge,
-        );
-      },
-      mongoDescriptor: this.cloudlyRef.config.data.mongoDescriptor,
+      certManager: certManager,
+      challengeHandlers: [dnsHandler],
    });
    await this.smartacme.start().catch((err) => {
      console.error('error in init', err);
--- a/ts/manager.coreflow/coreflowmanager.ts
+++ b/ts/manager.coreflow/coreflowmanager.ts
@@ -92,7 +92,7 @@ export class CloudlyCoreflowManager {
          );
          console.log(`got certificate ready for reponse ${dataArg.domainName}`);
          return {
-            certificate: await cert.createSavableObject(),
+            certificate: cert,
          };
        }
      )
--- a/ts_web/00_commitinfo_data.ts
+++ b/ts_web/00_commitinfo_data.ts
@@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@serve.zone/cloudly',
-  version: '5.0.5',
+  version: '5.0.6',
  description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.'
 }