feat: launchpad support secret userDomains (#5119)

* feat: support secret userDomains

* update deploy

frontend/providers/applaunchpad/.env.template

@@ -1,8 +1 @@
-NEXT_PUBLIC_MOCK_USER=
-SEALOS_DOMAIN="cloud.sealos.io"
-DOMAIN_PORT=
-FASTGPT_KEY=
-CURRENCY=
-MONITOR_URL=
-INGRESS_SECRET=
-GUIDE_ENABLED=
+NEXT_PUBLIC_MOCK_USER=

frontend/providers/applaunchpad/data/config.yaml

@@ -2,19 +2,21 @@ cloud:
   domain: 127.0.0.1.nip.io
   desktopDomain: 127.0.0.1.nip.io
   port: ""
-  userDomain:
-    - 127.0.0.1.nip.io
+  userDomains:
+    - name: 127.0.0.1.nip.io
+      secretName: wildcard-cert
 common:
   guideEnabled: false
   apiEnabled: false
 launchpad:
-  ingressTlsSecretName: wildcard-cert
   eventAnalyze:
     enabled: false
     fastGPTKey: ""
   components:
     monitor:
       url: http://launchpad-monitor.sealos.svc.cluster.local:8428
+    billing:
+      url: "http://account-service.account-system.svc:2333"
   appResourceFormSliderConfig:
     default:
       cpu: [100, 200, 500, 1000, 2000, 3000, 4000, 8000]

frontend/providers/applaunchpad/deploy/Kubefile

@@ -9,7 +9,8 @@ ENV cloudDomain="127.0.0.1.nip.io"
 ENV cloudPort=""
 
 ENV certSecretName="wildcard-cert"
-ENV ingressTlsSecretName="wildcard-cert"
+
 ENV monitorUrl="http://launchpad-monitor.sealos.svc.cluster.local:8428"
+ENV billingUrl="http://account-service.account-system.svc:2333"
 
 CMD ["kubectl apply -f manifests"]

frontend/providers/applaunchpad/deploy/manifests/deploy.yaml.tmpl

@@ -15,17 +15,22 @@ data:
     cloud:
       domain: {{ .cloudDomain }}
       port: {{ if .cloudPort }}:{{ .cloudPort }}{{ end }}
+      desktopDomain: {{ .cloudDomain }}
+      userDomains: 
+        - name: {{ .cloudDomain }}
+          secretName: {{ .certSecretName }}
     common:
       guideEnabled: false
       apiEnabled: false
     launchpad:
-      ingressTlsSecretName: {{ .ingressTlsSecretName }}
       eventAnalyze:
         enabled: false
         fastGPTKey: ""
       components:
         monitor:
           url: {{ .monitorUrl }}
+        billing:
+          url: {{ .billingUrl }}
       appResourceFormSliderConfig:
         default:
           cpu: [100, 200, 500, 1000, 2000, 3000, 4000, 8000]

frontend/providers/applaunchpad/src/api/platform.ts

@@ -1,6 +1,5 @@
 import type { Response as InitDataType } from '@/pages/api/platform/getInitData';
 import { GET, POST } from '@/services/request';
-import { EnvResponse } from '@/types';
 import type { AccountCRD, UserQuotaItemType, userPriceType } from '@/types/user';
 import { AuthCnamePrams } from './params';
 import { UpdateUserGuideParams } from '@/pages/api/guide/updateGuide';

frontend/providers/applaunchpad/src/pages/api/platform/getInitData.ts

@@ -10,21 +10,25 @@ import { getGpuNode } from './resourcePrice';
 export type Response = {
   SEALOS_DOMAIN: string;
   DOMAIN_PORT: string;
-  INGRESS_SECRET: string;
   SHOW_EVENT_ANALYZE: boolean;
   FORM_SLIDER_LIST_CONFIG: FormSliderListType;
   CURRENCY: Coin;
   guideEnabled: boolean;
   fileMangerConfig: FileMangerType;
-  SEALOS_USER_DOMAIN: string[];
+  SEALOS_USER_DOMAINS: { name: string; secretName: string }[];
   DESKTOP_DOMAIN: string;
 };
 
 export const defaultAppConfig: AppConfigType = {
   cloud: {
     domain: 'cloud.sealos.io',
     port: '',
-    userDomain: ['cloud.sealos.io'],
+    userDomains: [
+      {
+        name: 'cloud.sealos.io',
+        secretName: 'wildcard-cert'
+      }
+    ],
     desktopDomain: 'cloud.sealos.io'
   },
   common: {
@@ -33,7 +37,6 @@ export const defaultAppConfig: AppConfigType = {
     gpuEnabled: false
   },
   launchpad: {
-    ingressTlsSecretName: 'wildcard-cert',
     eventAnalyze: {
       enabled: false,
       fastGPTKey: ''
@@ -83,13 +86,12 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
       data: {
         SEALOS_DOMAIN: global.AppConfig.cloud.domain,
         DOMAIN_PORT: global.AppConfig.cloud.port?.toString() || '',
-        INGRESS_SECRET: global.AppConfig.launchpad.ingressTlsSecretName,
         SHOW_EVENT_ANALYZE: global.AppConfig.launchpad.eventAnalyze.enabled,
         FORM_SLIDER_LIST_CONFIG: global.AppConfig.launchpad.appResourceFormSliderConfig,
         guideEnabled: global.AppConfig.common.guideEnabled,
         fileMangerConfig: global.AppConfig.launchpad.fileManger,
         CURRENCY: Coin.shellCoin,
-        SEALOS_USER_DOMAIN: global.AppConfig.cloud.userDomain || [],
+        SEALOS_USER_DOMAINS: global.AppConfig.cloud.userDomains || [],
         DESKTOP_DOMAIN: global.AppConfig.cloud.desktopDomain
       }
     });

frontend/providers/applaunchpad/src/pages/api/v1alpha/createApp.ts

@@ -17,6 +17,11 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse<
       kubeconfig: await authSession(req.headers)
     });
 
+    appForm.networks = appForm.networks.map((network) => ({
+      ...network,
+      domain: global.AppConfig.cloud.domain
+    }));
+
     const parseYamls = formData2Yamls(appForm);
 
     const yamls = parseYamls.map((item) => item.value);

frontend/providers/applaunchpad/src/pages/app/edit/components/CustomAccessModal.tsx

@@ -19,7 +19,7 @@ import { Tip } from '@sealos/ui';
 import { InfoOutlineIcon } from '@chakra-ui/icons';
 import { useRequest } from '@/hooks/useRequest';
 import { postAuthCname } from '@/api/platform';
-import { SEALOS_USER_DOMAIN } from '@/store/static';
+import { SEALOS_USER_DOMAINS } from '@/store/static';
 
 export type CustomAccessModalParams = {
   publicDomain: string;
@@ -46,7 +46,7 @@ const CustomAccessModal = ({
   const completePublicDomain = useMemo(() => `${publicDomain}.${domain}`, [publicDomain, domain]);
 
   const cnameTips = useMemo(() => {
-    return SEALOS_USER_DOMAIN.map((item) => `${publicDomain}.${item}`).join(` ${t('or')} `);
+    return SEALOS_USER_DOMAINS.map((item) => `${publicDomain}.${item.name}`).join(` ${t('or')} `);
   }, [publicDomain, t]);
 
   const { mutate: authCNAME, isLoading } = useRequest({

frontend/providers/applaunchpad/src/pages/app/edit/components/Form.tsx

@@ -5,7 +5,7 @@ import { defaultSliderKey, ProtocolList } from '@/constants/app';
 import { GpuAmountMarkList } from '@/constants/editApp';
 import { useToast } from '@/hooks/useToast';
 import { useGlobalStore } from '@/store/global';
-import { SEALOS_DOMAIN, SEALOS_USER_DOMAIN } from '@/store/static';
+import { SEALOS_DOMAIN } from '@/store/static';
 import { useUserStore } from '@/store/user';
 import type { QueryType } from '@/types';
 import type { AppEditType } from '@/types/app';

frontend/providers/applaunchpad/src/store/static.ts

@@ -2,10 +2,9 @@ import { getInitData } from '@/api/platform';
 import { Coin } from '@/constants/app';
 
 export let SEALOS_DOMAIN = 'cloud.sealos.io';
-export let SEALOS_USER_DOMAIN = ['cloud.sealos.io'];
+export let SEALOS_USER_DOMAINS = [{ name: 'cloud.sealos.io', secretName: 'wildcard-cert' }];
 export let DESKTOP_DOMAIN = 'cloud.sealos.io';
 export let DOMAIN_PORT = '';
-export let INGRESS_SECRET = 'wildcard-cert';
 export let SHOW_EVENT_ANALYZE = false;
 export let CURRENCY = Coin.shellCoin;
 export let UPLOAD_LIMIT = 50;
@@ -15,9 +14,8 @@ export const loadInitData = async () => {
   try {
     const res = await getInitData();
     SEALOS_DOMAIN = res.SEALOS_DOMAIN;
-    SEALOS_USER_DOMAIN = res.SEALOS_USER_DOMAIN;
+    SEALOS_USER_DOMAINS = res.SEALOS_USER_DOMAINS;
     DOMAIN_PORT = res.DOMAIN_PORT;
-    INGRESS_SECRET = res.INGRESS_SECRET;
     SHOW_EVENT_ANALYZE = res.SHOW_EVENT_ANALYZE;
     CURRENCY = res.CURRENCY;
     UPLOAD_LIMIT = res.fileMangerConfig.uploadLimit;
@@ -27,16 +25,14 @@ export const loadInitData = async () => {
     return {
       SEALOS_DOMAIN,
       DOMAIN_PORT,
-      INGRESS_SECRET,
       CURRENCY,
       FORM_SLIDER_LIST_CONFIG: res.FORM_SLIDER_LIST_CONFIG,
       DESKTOP_DOMAIN: res.DESKTOP_DOMAIN
     };
   } catch (error) {}
 
   return {
-    SEALOS_DOMAIN,
-    INGRESS_SECRET
+    SEALOS_DOMAIN
   };
 };
 
@@ -45,7 +41,7 @@ export const serverLoadInitData = () => {
   try {
     SEALOS_DOMAIN = global.AppConfig.cloud.domain || 'cloud.sealos.io';
     DOMAIN_PORT = global.AppConfig.cloud.port || '';
-    INGRESS_SECRET = global.AppConfig.launchpad.ingressTlsSecretName || 'wildcard-cert';
     SHOW_EVENT_ANALYZE = global.AppConfig.launchpad.eventAnalyze.enabled;
+    SEALOS_USER_DOMAINS = global.AppConfig.cloud.userDomains;
   } catch (error) {}
 };

frontend/providers/applaunchpad/src/types/app.d.ts

@@ -76,9 +76,9 @@ export interface AppEditType {
     port: number;
     protocol: ProtocolType;
     openPublicDomain: boolean;
-    publicDomain: string; // default domain // domainPrefix
+    publicDomain: string; //  domainPrefix
     customDomain: string; // custom domain
-    domain: string;
+    domain: string; // Main promoted domain
   }[];
   envs: {
     key: string;

frontend/providers/applaunchpad/src/types/index.d.ts

@@ -25,18 +25,21 @@ export type FileMangerType = {
 
 export type AppConfigType = {
   cloud: {
-    domain: string;
+    domain: string; // Main promoted domain
     port?: string;
-    userDomain: string[];
-    desktopDomain: string;
+    // List of domains available for users
+    userDomains: {
+      name: string;
+      secretName: string;
+    }[];
+    desktopDomain: string; // Domain for the desktop application
   };
   common: {
     guideEnabled: boolean;
     apiEnabled: boolean;
     gpuEnabled: boolean;
   };
   launchpad: {
-    ingressTlsSecretName: string;
     eventAnalyze: {
       enabled: boolean;
       fastGPTKey?: string;

frontend/providers/applaunchpad/src/utils/adapt.ts

@@ -219,7 +219,7 @@ export enum YamlKindEnum {
 }
 
 export const adaptAppDetail = async (configs: DeployKindsType[]): Promise<AppDetailType> => {
-  const { SEALOS_DOMAIN, SEALOS_USER_DOMAIN } = await getInitData();
+  const { SEALOS_DOMAIN, SEALOS_USER_DOMAINS } = await getInitData();
   const deployKindsMap: {
     [YamlKindEnum.StatefulSet]?: V1StatefulSet;
     [YamlKindEnum.Deployment]?: V1Deployment;
@@ -314,7 +314,7 @@ export const adaptAppDetail = async (configs: DeployKindsType[]): Promise<AppDet
 
         const isCustomDomain =
           !domain.endsWith(SEALOS_DOMAIN) &&
-          !SEALOS_USER_DOMAIN.some((user) => domain.endsWith(user));
+          !SEALOS_USER_DOMAINS.some((item) => domain.endsWith(item.name));
 
         return {
           networkName: ingress?.metadata?.name || '',

frontend/providers/applaunchpad/src/utils/deployYaml2Json.ts

@@ -7,7 +7,7 @@ import {
   minReplicasKey,
   publicDomainKey
 } from '@/constants/app';
-import { INGRESS_SECRET } from '@/store/static';
+import { SEALOS_USER_DOMAINS } from '@/store/static';
 import type { AppEditType } from '@/types/app';
 import { pathFormat, pathToNameFormat, str2Num, strToBase64 } from '@/utils/tools';
 import dayjs from 'dayjs';
@@ -274,7 +274,10 @@ export const json2Ingress = (data: AppEditType) => {
         ? network.customDomain
         : `${network.publicDomain}.${network.domain}`;
 
-      const secretName = network.customDomain ? network.networkName : INGRESS_SECRET;
+      const secretName = network.customDomain
+        ? network.networkName
+        : SEALOS_USER_DOMAINS.find((domain) => domain.name === network.domain)?.secretName ||
+          'wildcard-cert';
 
       const ingress = {
         apiVersion: 'networking.k8s.io/v1',