From c28346d67bde1866a447bb83cdf909fabfd48f1a Mon Sep 17 00:00:00 2001 From: firest Date: Tue, 13 Jun 2023 16:06:28 +0800 Subject: [PATCH 01/17] chore: bump ecql for obfuscate sensitive data to avoid leakage --- apps/emqx_bridge_cassandra/rebar.config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/emqx_bridge_cassandra/rebar.config b/apps/emqx_bridge_cassandra/rebar.config index b8bfc7dd6..f1cc275d9 100644 --- a/apps/emqx_bridge_cassandra/rebar.config +++ b/apps/emqx_bridge_cassandra/rebar.config @@ -1,6 +1,6 @@ %% -*- mode: erlang; -*- {erl_opts, [debug_info]}. -{deps, [ {ecql, {git, "https://github.com/emqx/ecql.git", {tag, "v0.5.1"}}} +{deps, [ {ecql, {git, "https://github.com/emqx/ecql.git", {tag, "v0.5.2"}}} , {emqx_connector, {path, "../../apps/emqx_connector"}} , {emqx_resource, {path, "../../apps/emqx_resource"}} , {emqx_bridge, {path, "../../apps/emqx_bridge"}} From 249ddee5276e513c6e51604fa2a87adc02ae96ee Mon Sep 17 00:00:00 2001 From: firest Date: Tue, 13 Jun 2023 16:13:40 +0800 Subject: [PATCH 02/17] chore: update changes --- changes/ee/perf-11035.en.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 changes/ee/perf-11035.en.md diff --git a/changes/ee/perf-11035.en.md b/changes/ee/perf-11035.en.md new file mode 100644 index 000000000..4422b01bb --- /dev/null +++ b/changes/ee/perf-11035.en.md @@ -0,0 +1 @@ +Bump Cassandra driver to avoid sensitive data leakages. From 903d8d899e23a73d1ddcf4c9c35dd6bb4f1784f3 Mon Sep 17 00:00:00 2001 From: JimMoen Date: Thu, 15 Jun 2023 14:26:08 +0800 Subject: [PATCH 03/17] fix: .js files are required by dashboard as static revert parts of 8c1334c421c4099e403771f648b72305cd9564e5 --- apps/emqx_dashboard/src/emqx_dashboard.erl | 25 ++++++++++++++++------ 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/apps/emqx_dashboard/src/emqx_dashboard.erl b/apps/emqx_dashboard/src/emqx_dashboard.erl index 8786e869f..6299ec96b 100644 --- a/apps/emqx_dashboard/src/emqx_dashboard.erl +++ b/apps/emqx_dashboard/src/emqx_dashboard.erl @@ -68,19 +68,13 @@ start_listeners(Listeners) -> } } }, - Dispatch = [ - {"/", cowboy_static, {priv_file, emqx_dashboard, "www/index.html"}}, - {"/static/[...]", cowboy_static, {priv_dir, emqx_dashboard, "www/static"}}, - {emqx_mgmt_api_status:path(), emqx_mgmt_api_status, []}, - {'_', emqx_dashboard_not_found, []} - ], BaseMinirest = #{ base_path => emqx_dashboard_swagger:base_path(), modules => minirest_api:find_api_modules(apps()), authorization => Authorization, security => [#{'basicAuth' => []}, #{'bearerAuth' => []}], swagger_global_spec => GlobalSpec, - dispatch => Dispatch, + dispatch => dispatch(), middlewares => [?EMQX_MIDDLE, cowboy_router, cowboy_handler] }, {OkListeners, ErrListeners} = @@ -259,3 +253,20 @@ ensure_ssl_cert(Listeners = #{https := Https0}) -> Listeners#{https => maps:from_list(Https1)}; ensure_ssl_cert(Listeners) -> Listeners. + +dispatch() -> + static_dispatch() ++ dynamic_dispatch(). + +static_dispatch() -> + StaticFiles = ["/editor.worker.js", "/json.worker.js", "/version"], + [ + {"/", cowboy_static, {priv_file, emqx_dashboard, "www/index.html"}}, + {"/static/[...]", cowboy_static, {priv_dir, emqx_dashboard, "www/static"}} + ] ++ + [{Path, cowboy_static, {priv_file, emqx_dashboard, "www" ++ Path}} || Path <- StaticFiles]. + +dynamic_dispatch() -> + [ + {emqx_mgmt_api_status:path(), emqx_mgmt_api_status, []}, + {'_', emqx_dashboard_not_found, []} + ]. From 611fc6c53ce44bae1776ac6782da324e0c448b06 Mon Sep 17 00:00:00 2001 From: JimMoen Date: Thu, 15 Jun 2023 14:45:12 +0800 Subject: [PATCH 04/17] chore: rm unused hocon file --- rel/i18n/emqx_connector_api.hocon | 46 ------------------------------- 1 file changed, 46 deletions(-) delete mode 100644 rel/i18n/emqx_connector_api.hocon diff --git a/rel/i18n/emqx_connector_api.hocon b/rel/i18n/emqx_connector_api.hocon deleted file mode 100644 index 4942ce981..000000000 --- a/rel/i18n/emqx_connector_api.hocon +++ /dev/null @@ -1,46 +0,0 @@ -emqx_connector_api { - -conn_get.desc: -"""List all connectors""" - -conn_get.label: -"""List All Connectors""" - -conn_id_delete.desc: -"""Delete a connector by ID""" - -conn_id_delete.label: -"""Delete Connector""" - -conn_id_get.desc: -"""Get the connector by ID""" - -conn_id_get.label: -"""Get Connector""" - -conn_id_put.desc: -"""Update an existing connector by ID""" - -conn_id_put.label: -"""Update Connector""" - -conn_post.desc: -"""Create a new connector""" - -conn_post.label: -"""Create Connector""" - -conn_test_post.desc: -"""Test creating a new connector by given ID
-The ID must be of format '{type}:{name}'""" - -conn_test_post.label: -"""Create Test Connector""" - -id.desc: -"""The connector ID. Must be of format {type}:{name}""" - -id.label: -"""Connector ID""" - -} From 0adbb0deecbc77f99330cefc8f2ac0e3feecb81a Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Thu, 15 Jun 2023 09:52:28 +0800 Subject: [PATCH 05/17] feat: try to save config when post_config_update failed not in init mfa status --- apps/emqx/src/emqx_config_handler.erl | 35 +++++++++++++++++--- apps/emqx/test/emqx_config_handler_SUITE.erl | 12 +++++-- apps/emqx_conf/src/emqx_cluster_rpc.erl | 18 +++++++++- 3 files changed, 57 insertions(+), 8 deletions(-) diff --git a/apps/emqx/src/emqx_config_handler.erl b/apps/emqx/src/emqx_config_handler.erl index 80c47d09e..3752d67ab 100644 --- a/apps/emqx/src/emqx_config_handler.erl +++ b/apps/emqx/src/emqx_config_handler.erl @@ -277,13 +277,38 @@ check_and_save_configs( OldConf = emqx_config:get_root(ConfKeyPath), case do_post_config_update(ConfKeyPath, Handlers, OldConf, NewConf, AppEnvs, UpdateArgs, #{}) of {ok, Result0} -> - ok = emqx_config:save_configs(AppEnvs, NewConf, NewRawConf, OverrideConf, Opts), - Result1 = return_change_result(ConfKeyPath, UpdateArgs), - {ok, Result1#{post_config_update => Result0}}; - Error -> - Error + post_update_ok( + AppEnvs, + NewConf, + NewRawConf, + OverrideConf, + Opts, + ConfKeyPath, + UpdateArgs, + Result0 + ); + {error, {post_config_update, HandlerName, Reason}} -> + HandlePostFailureFun = + fun() -> + post_update_ok( + AppEnvs, + NewConf, + NewRawConf, + OverrideConf, + Opts, + ConfKeyPath, + UpdateArgs, + #{} + ) + end, + {error, {post_config_update, HandlerName, {Reason, HandlePostFailureFun}}} end. +post_update_ok(AppEnvs, NewConf, NewRawConf, OverrideConf, Opts, ConfKeyPath, UpdateArgs, Result0) -> + ok = emqx_config:save_configs(AppEnvs, NewConf, NewRawConf, OverrideConf, Opts), + Result1 = return_change_result(ConfKeyPath, UpdateArgs), + {ok, Result1#{post_config_update => Result0}}. + do_post_config_update(ConfKeyPath, Handlers, OldConf, NewConf, AppEnvs, UpdateArgs, Result) -> do_post_config_update( ConfKeyPath, diff --git a/apps/emqx/test/emqx_config_handler_SUITE.erl b/apps/emqx/test/emqx_config_handler_SUITE.erl index d2f2faedb..b13da79f6 100644 --- a/apps/emqx/test/emqx_config_handler_SUITE.erl +++ b/apps/emqx/test/emqx_config_handler_SUITE.erl @@ -317,11 +317,19 @@ wait_for_new_pid() -> Pid end. -callback_error(FailedPath, Update, Error) -> +callback_error(FailedPath, Update, ExpectError) -> Opts = #{rawconf_with_defaults => true}, ok = emqx_config_handler:add_handler(FailedPath, ?MODULE), Old = emqx:get_raw_config(FailedPath, undefined), - ?assertEqual(Error, emqx:update_config(FailedPath, Update, Opts)), + Error = emqx:update_config(FailedPath, Update, Opts), + case ExpectError of + {error, {post_config_update, ?MODULE, post_config_update_error}} -> + ?assertMatch( + {error, {post_config_update, ?MODULE, {post_config_update_error, _}}}, Error + ); + _ -> + ?assertEqual(ExpectError, Error) + end, New = emqx:get_raw_config(FailedPath, undefined), ?assertEqual(Old, New), ok = emqx_config_handler:remove_handler(FailedPath), diff --git a/apps/emqx_conf/src/emqx_cluster_rpc.erl b/apps/emqx_conf/src/emqx_cluster_rpc.erl index 91558630f..9e930e693 100644 --- a/apps/emqx_conf/src/emqx_cluster_rpc.erl +++ b/apps/emqx_conf/src/emqx_cluster_rpc.erl @@ -476,7 +476,23 @@ trans_query(TnxId) -> apply_mfa(TnxId, {M, F, A}, Kind) -> Res = try - erlang:apply(M, F, A) + case erlang:apply(M, F, A) of + {error, {post_config_update, HandlerName, {Reason0, PostFailureFun}}} when + Kind =/= ?APPLY_KIND_INITIATE + -> + ?SLOG(error, #{ + msg => "post_config_update_failed", + handler => HandlerName, + reason => Reason0 + }), + PostFailureFun(); + {error, {post_config_update, HandlerName, {Reason0, _Fun}}} when + Kind =:= ?APPLY_KIND_INITIATE + -> + {error, {post_config_update, HandlerName, Reason0}}; + Result -> + Result + end catch throw:Reason -> {error, #{reason => Reason}}; From 84a5d0c3c11508123f4527bc988a02fe7ce34e26 Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Thu, 15 Jun 2023 16:56:47 +0800 Subject: [PATCH 06/17] fix: delete a default listener then recreate it, it's disabled --- apps/emqx/src/emqx_listeners.erl | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/apps/emqx/src/emqx_listeners.erl b/apps/emqx/src/emqx_listeners.erl index c290cc88d..1c21d1d2e 100644 --- a/apps/emqx/src/emqx_listeners.erl +++ b/apps/emqx/src/emqx_listeners.erl @@ -492,7 +492,9 @@ pre_config_update([?ROOT_KEY], RawConf, RawConf) -> pre_config_update([?ROOT_KEY], NewConf, _RawConf) -> {ok, convert_certs(NewConf)}. -post_config_update([?ROOT_KEY, Type, Name], {create, _Request}, NewConf, undefined, _AppEnvs) -> +post_config_update([?ROOT_KEY, Type, Name], {create, _Request}, NewConf, OldConf, _AppEnvs) when + OldConf =:= undefined orelse OldConf =:= ?TOMBSTONE_TYPE +-> create_listener(Type, Name, NewConf); post_config_update([?ROOT_KEY, Type, Name], {update, _Request}, NewConf, OldConf, _AppEnvs) -> update_listener(Type, Name, {OldConf, NewConf}); From 9d9f0db51623d096e06e63681d6906d4c4c1a30e Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Thu, 15 Jun 2023 17:19:01 +0800 Subject: [PATCH 07/17] chore: update 11056 changelog --- changes/ce/fix-11056.en.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changes/ce/fix-11056.en.md diff --git a/changes/ce/fix-11056.en.md b/changes/ce/fix-11056.en.md new file mode 100644 index 000000000..7c3164289 --- /dev/null +++ b/changes/ce/fix-11056.en.md @@ -0,0 +1,3 @@ +- Fix the issue where newly created listeners do not start properly at times, + when you delete a system default listener and add a new one named 'default', it will not start correctly. +- Fix the bug where configuration failure on certain nodes can cause dashboard unavailability. From e6c2da8d196616137fcba9f3367dd523da4c1208 Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Thu, 15 Jun 2023 17:53:27 +0800 Subject: [PATCH 08/17] feat: rename log.file.to to log.file.path --- apps/emqx/src/config/emqx_config_logger.erl | 2 +- apps/emqx_conf/src/emqx_conf_schema.erl | 4 ++-- apps/emqx_conf/test/emqx_conf_logger_SUITE.erl | 4 ++-- apps/emqx_conf/test/emqx_conf_schema_tests.erl | 8 ++++---- changes/ce/feat-11062.en.md | 1 + 5 files changed, 10 insertions(+), 9 deletions(-) create mode 100644 changes/ce/feat-11062.en.md diff --git a/apps/emqx/src/config/emqx_config_logger.erl b/apps/emqx/src/config/emqx_config_logger.erl index a7bf54aee..4b9180175 100644 --- a/apps/emqx/src/config/emqx_config_logger.erl +++ b/apps/emqx/src/config/emqx_config_logger.erl @@ -151,7 +151,7 @@ tr_file_handler({HandlerName, SubConf}) -> level => conf_get("level", SubConf), config => (log_handler_conf(SubConf))#{ type => wrap, - file => conf_get("to", SubConf), + file => conf_get("path", SubConf), max_no_files => conf_get("rotation_count", SubConf), max_no_bytes => conf_get("rotation_size", SubConf) }, diff --git a/apps/emqx_conf/src/emqx_conf_schema.erl b/apps/emqx_conf/src/emqx_conf_schema.erl index 9725c2da9..1fec22715 100644 --- a/apps/emqx_conf/src/emqx_conf_schema.erl +++ b/apps/emqx_conf/src/emqx_conf_schema.erl @@ -909,13 +909,13 @@ fields("console_handler") -> log_handler_common_confs(console); fields("log_file_handler") -> [ - {"to", + {"path", sc( file(), #{ desc => ?DESC("log_file_handler_file"), default => <<"${EMQX_LOG_DIR}/emqx.log">>, - aliases => [file], + aliases => [file, to], importance => ?IMPORTANCE_HIGH, converter => fun(Path, Opts) -> emqx_schema:naive_env_interpolation(ensure_unicode_path(Path, Opts)) diff --git a/apps/emqx_conf/test/emqx_conf_logger_SUITE.erl b/apps/emqx_conf/test/emqx_conf_logger_SUITE.erl index ba74ed986..a53a81565 100644 --- a/apps/emqx_conf/test/emqx_conf_logger_SUITE.erl +++ b/apps/emqx_conf/test/emqx_conf_logger_SUITE.erl @@ -43,7 +43,7 @@ file { enable = true level = info - to = \"log/emqx.log\" + path = \"log/emqx.log\" } } """). @@ -67,7 +67,7 @@ t_log_conf(_Conf) -> <<"rotation_count">> => 10, <<"rotation_size">> => <<"50MB">>, <<"time_offset">> => <<"system">>, - <<"to">> => <<"log/emqx.log">> + <<"path">> => <<"log/emqx.log">> }, ExpectLog1 = #{ <<"console">> => diff --git a/apps/emqx_conf/test/emqx_conf_schema_tests.erl b/apps/emqx_conf/test/emqx_conf_schema_tests.erl index d274052f9..8e056c018 100644 --- a/apps/emqx_conf/test/emqx_conf_schema_tests.erl +++ b/apps/emqx_conf/test/emqx_conf_schema_tests.erl @@ -206,7 +206,7 @@ log_rotation_count_limit_test() -> """ log.file { enable = true - to = \"log/emqx.log\" + path = \"log/emqx.log\" formatter = text level = debug rotation = {count = ~w} @@ -434,7 +434,7 @@ log_path_test_() -> #{<<"log">> => #{<<"file_handlers">> => #{<<"name1">> => #{<<"file">> => Path}}}} end, Assert = fun(Name, Path, Conf) -> - ?assertMatch(#{log := #{file := #{Name := #{to := Path}}}}, Conf) + ?assertMatch(#{log := #{file := #{Name := #{path := Path}}}}, Conf) end, [ @@ -452,7 +452,7 @@ log_path_test_() -> "handler_name" := #{ kind := validation_error, - path := "log.file.name1.to", + path := "log.file.name1.path", reason := {"bad_file_path_string", _} } } @@ -471,7 +471,7 @@ log_path_test_() -> "handler_name" := #{ kind := validation_error, - path := "log.file.name1.to", + path := "log.file.name1.path", reason := {"not_string", _} } } diff --git a/changes/ce/feat-11062.en.md b/changes/ce/feat-11062.en.md new file mode 100644 index 000000000..1cfc19411 --- /dev/null +++ b/changes/ce/feat-11062.en.md @@ -0,0 +1 @@ +Rename `log.file.to` to `log.file.path`. From 9060a2dc058f7d49bd3a98678fa252896cd36baa Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Thu, 15 Jun 2023 19:05:05 +0800 Subject: [PATCH 09/17] chore: bump to e5.1.0-alpha.7 --- Makefile | 4 ++-- apps/emqx/include/emqx_release.hrl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 5316f1bb2..6b525b496 100644 --- a/Makefile +++ b/Makefile @@ -13,10 +13,10 @@ else FIND=find endif -# Dashbord version +# Dashboard version # from https://github.com/emqx/emqx-dashboard5 export EMQX_DASHBOARD_VERSION ?= v1.2.6-beta.1 -export EMQX_EE_DASHBOARD_VERSION ?= e1.1.0-beta.5 +export EMQX_EE_DASHBOARD_VERSION ?= e1.1.0-beta.6 # `:=` should be used here, otherwise the `$(shell ...)` will be executed every time when the variable is used # In make 4.4+, for backward-compatibility the value from the original environment is used. diff --git a/apps/emqx/include/emqx_release.hrl b/apps/emqx/include/emqx_release.hrl index b9732e415..fe37a75ff 100644 --- a/apps/emqx/include/emqx_release.hrl +++ b/apps/emqx/include/emqx_release.hrl @@ -35,7 +35,7 @@ -define(EMQX_RELEASE_CE, "5.1.0-alpha.5"). %% Enterprise edition --define(EMQX_RELEASE_EE, "5.1.0-alpha.6"). +-define(EMQX_RELEASE_EE, "5.1.0-alpha.7"). %% The HTTP API version -define(EMQX_API_VERSION, "5.0"). From fc1d78134adb5ece829f7426aba8344434a7c5b6 Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Thu, 15 Jun 2023 19:13:51 +0800 Subject: [PATCH 10/17] test: replace 'to' with 'path' --- apps/emqx_management/test/emqx_mgmt_api_configs_SUITE.erl | 4 ++-- apps/emqx_management/test/emqx_mgmt_api_nodes_SUITE.erl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/emqx_management/test/emqx_mgmt_api_configs_SUITE.erl b/apps/emqx_management/test/emqx_mgmt_api_configs_SUITE.erl index 8c2be7c9a..7993197ba 100644 --- a/apps/emqx_management/test/emqx_mgmt_api_configs_SUITE.erl +++ b/apps/emqx_management/test/emqx_mgmt_api_configs_SUITE.erl @@ -100,7 +100,7 @@ t_log(_Config) -> File = "log/emqx-test.log", %% update handler Log1 = emqx_utils_maps:deep_put([<<"file">>, <<"default">>, <<"enable">>], Log, true), - Log2 = emqx_utils_maps:deep_put([<<"file">>, <<"default">>, <<"to">>], Log1, File), + Log2 = emqx_utils_maps:deep_put([<<"file">>, <<"default">>, <<"path">>], Log1, File), {ok, #{}} = update_config(<<"log">>, Log2), {ok, Log3} = logger:get_handler_config(default), ?assertMatch(#{config := #{file := File}}, Log3), @@ -116,7 +116,7 @@ t_log(_Config) -> Handler = emqx_utils_maps:deep_get([<<"file">>, <<"default">>], Log2), NewLog1 = emqx_utils_maps:deep_put([<<"file">>, <<"new">>], Log2, Handler), NewLog2 = emqx_utils_maps:deep_put( - [<<"file">>, <<"new">>, <<"to">>], NewLog1, File1 + [<<"file">>, <<"new">>, <<"path">>], NewLog1, File1 ), {ok, #{}} = update_config(<<"log">>, NewLog2), {ok, Log4} = logger:get_handler_config(new), diff --git a/apps/emqx_management/test/emqx_mgmt_api_nodes_SUITE.erl b/apps/emqx_management/test/emqx_mgmt_api_nodes_SUITE.erl index efabe32c8..4154752ab 100644 --- a/apps/emqx_management/test/emqx_mgmt_api_nodes_SUITE.erl +++ b/apps/emqx_management/test/emqx_mgmt_api_nodes_SUITE.erl @@ -35,7 +35,7 @@ init_per_testcase(t_log_path, Config) -> Log = emqx_conf:get_raw([log], #{}), File = "log/emqx-test.log", Log1 = emqx_utils_maps:deep_put([<<"file">>, <<"default">>, <<"enable">>], Log, true), - Log2 = emqx_utils_maps:deep_put([<<"file">>, <<"default">>, <<"to">>], Log1, File), + Log2 = emqx_utils_maps:deep_put([<<"file">>, <<"default">>, <<"path">>], Log1, File), {ok, #{}} = emqx_conf:update([log], Log2, #{rawconf_with_defaults => true}), Config; init_per_testcase(_, Config) -> From e38236eb05b0966a86a244bd6d0a9468aecf6efb Mon Sep 17 00:00:00 2001 From: JianBo He Date: Thu, 15 Jun 2023 21:55:53 +0800 Subject: [PATCH 11/17] build: fix the EXTRA_DEPS not working in workflows --- .github/workflows/build_and_push_docker_images.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/build_and_push_docker_images.yaml b/.github/workflows/build_and_push_docker_images.yaml index fcf1e5883..6e9b272e0 100644 --- a/.github/workflows/build_and_push_docker_images.yaml +++ b/.github/workflows/build_and_push_docker_images.yaml @@ -167,9 +167,14 @@ jobs: img_suffix="-elixir" extra_labels="org.opencontainers.image.elixir.version=${{ matrix.elixir }}" fi + extra_deps= + if [[ "$PROFILE" = *enterprise* ]]; then + extra_deps='libsasl2-2' + fi echo "img_suffix=$img_suffix" >> $GITHUB_OUTPUT echo "extra_labels=$extra_labels" >> $GITHUB_OUTPUT + echo "extra_deps=$extra_deps" >> $GITHUB_OUTPUT - uses: docker/metadata-action@v4 id: meta @@ -196,5 +201,6 @@ jobs: labels: ${{ steps.meta.outputs.labels }} build-args: | EMQX_NAME=${{ matrix.profile }}${{ steps.pre-meta.outputs.img_suffix }} + EXTRA_DEPS=${{ steps.pre-meta.outputs.extra_deps }} file: source/${{ matrix.os[2] }} context: source From 5f9bd5e4c9dfe62eb4264835a735b60076a9ad33 Mon Sep 17 00:00:00 2001 From: JianBo He Date: Thu, 15 Jun 2023 23:17:04 +0800 Subject: [PATCH 12/17] chore: update .github/workflows/build_and_push_docker_images.yaml Co-authored-by: Thales Macedo Garitezi --- .github/workflows/build_and_push_docker_images.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_and_push_docker_images.yaml b/.github/workflows/build_and_push_docker_images.yaml index 6e9b272e0..3495c647b 100644 --- a/.github/workflows/build_and_push_docker_images.yaml +++ b/.github/workflows/build_and_push_docker_images.yaml @@ -168,7 +168,7 @@ jobs: extra_labels="org.opencontainers.image.elixir.version=${{ matrix.elixir }}" fi extra_deps= - if [[ "$PROFILE" = *enterprise* ]]; then + if [[ "${{ matrix.profile }}" = *enterprise* ]]; then extra_deps='libsasl2-2' fi From e127df3912867e8b108f9381b214b294e83962e3 Mon Sep 17 00:00:00 2001 From: Paulo Zulato Date: Thu, 15 Jun 2023 17:53:08 -0300 Subject: [PATCH 13/17] chore(influxdb): bump version for influxdb client --- apps/emqx_bridge_influxdb/rebar.config | 2 +- mix.exs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/emqx_bridge_influxdb/rebar.config b/apps/emqx_bridge_influxdb/rebar.config index 29ae34009..9f1e72515 100644 --- a/apps/emqx_bridge_influxdb/rebar.config +++ b/apps/emqx_bridge_influxdb/rebar.config @@ -1,7 +1,7 @@ {erl_opts, [debug_info]}. {deps, [ - {influxdb, {git, "https://github.com/emqx/influxdb-client-erl", {tag, "1.1.10"}}}, + {influxdb, {git, "https://github.com/emqx/influxdb-client-erl", {tag, "1.1.11"}}}, {emqx_connector, {path, "../../apps/emqx_connector"}}, {emqx_resource, {path, "../../apps/emqx_resource"}}, {emqx_bridge, {path, "../../apps/emqx_bridge"}} diff --git a/mix.exs b/mix.exs index 01fd5c351..d55bff868 100644 --- a/mix.exs +++ b/mix.exs @@ -193,7 +193,7 @@ defmodule EMQXUmbrella.MixProject do defp enterprise_deps(_profile_info = %{edition_type: :enterprise}) do [ {:hstreamdb_erl, github: "hstreamdb/hstreamdb_erl", tag: "0.2.5"}, - {:influxdb, github: "emqx/influxdb-client-erl", tag: "1.1.10", override: true}, + {:influxdb, github: "emqx/influxdb-client-erl", tag: "1.1.11", override: true}, {:wolff, github: "kafka4beam/wolff", tag: "1.7.5"}, {:kafka_protocol, github: "kafka4beam/kafka_protocol", tag: "4.1.3", override: true}, {:brod_gssapi, github: "kafka4beam/brod_gssapi", tag: "v0.1.0"}, From b49b80d36c684f4ff3cc34601bf1a45e75a47cdc Mon Sep 17 00:00:00 2001 From: Serge Tupchii Date: Wed, 14 Jun 2023 18:52:55 +0300 Subject: [PATCH 14/17] fix(emqx_schema): use non negative integer type for 'depth' SSL option Closes: EMQX-10276 --- apps/emqx/src/emqx_schema.erl | 2 +- apps/emqx/test/emqx_schema_tests.erl | 8 ++++++++ changes/ce/fix-11051.en.md | 1 + 3 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 changes/ce/fix-11051.en.md diff --git a/apps/emqx/src/emqx_schema.erl b/apps/emqx/src/emqx_schema.erl index 70dcaf840..67834839d 100644 --- a/apps/emqx/src/emqx_schema.erl +++ b/apps/emqx/src/emqx_schema.erl @@ -2044,7 +2044,7 @@ common_ssl_opts_schema(Defaults, Type) -> )}, {"depth", sc( - integer(), + non_neg_integer(), #{ default => Df("depth", 10), desc => ?DESC(common_ssl_opts_schema_depth) diff --git a/apps/emqx/test/emqx_schema_tests.erl b/apps/emqx/test/emqx_schema_tests.erl index a6e72cd27..446c9e586 100644 --- a/apps/emqx/test/emqx_schema_tests.erl +++ b/apps/emqx/test/emqx_schema_tests.erl @@ -106,6 +106,14 @@ ssl_opts_version_gap_test_() -> || S <- [Sc, RanchSc] ]. +ssl_opts_cert_depth_test() -> + Sc = emqx_schema:server_ssl_opts_schema(#{}, false), + Reason = #{expected_type => "non_neg_integer()"}, + ?assertThrow( + {_Sc, [#{kind := validation_error, reason := Reason}]}, + validate(Sc, #{<<"depth">> => -1}) + ). + bad_cipher_test() -> Sc = emqx_schema:server_ssl_opts_schema(#{}, false), Reason = {bad_ciphers, ["foo"]}, diff --git a/changes/ce/fix-11051.en.md b/changes/ce/fix-11051.en.md new file mode 100644 index 000000000..d782be226 --- /dev/null +++ b/changes/ce/fix-11051.en.md @@ -0,0 +1 @@ +Add validation to ensure that certificate 'depth' (listener SSL option) is a non negative integer. From c4e7129cb6ccc8053d902dcd3cb77791334e1db7 Mon Sep 17 00:00:00 2001 From: JimMoen Date: Thu, 15 Jun 2023 18:08:29 +0800 Subject: [PATCH 15/17] fix: use mria.cluster_autoclean and mria.cluster_autoheal --- apps/emqx_conf/src/emqx_conf_schema.erl | 4 ++-- apps/emqx_management/src/emqx_mgmt.erl | 3 ++- changes/ce/fix-11070.en.md | 1 + 3 files changed, 5 insertions(+), 3 deletions(-) create mode 100644 changes/ce/fix-11070.en.md diff --git a/apps/emqx_conf/src/emqx_conf_schema.erl b/apps/emqx_conf/src/emqx_conf_schema.erl index 1fec22715..e6cb93ac0 100644 --- a/apps/emqx_conf/src/emqx_conf_schema.erl +++ b/apps/emqx_conf/src/emqx_conf_schema.erl @@ -164,7 +164,7 @@ fields("cluster") -> sc( emqx_schema:duration(), #{ - mapping => "ekka.cluster_autoclean", + mapping => "mria.cluster_autoclean", default => <<"5m">>, desc => ?DESC(cluster_autoclean), 'readOnly' => true @@ -174,7 +174,7 @@ fields("cluster") -> sc( boolean(), #{ - mapping => "ekka.cluster_autoheal", + mapping => "mria.cluster_autoheal", default => true, desc => ?DESC(cluster_autoheal), 'readOnly' => true diff --git a/apps/emqx_management/src/emqx_mgmt.erl b/apps/emqx_management/src/emqx_mgmt.erl index 225b35fd1..6ea2b5549 100644 --- a/apps/emqx_management/src/emqx_mgmt.erl +++ b/apps/emqx_management/src/emqx_mgmt.erl @@ -118,6 +118,7 @@ list_nodes() -> Running = emqx:cluster_nodes(running), + %% all stopped core nodes Stopped = emqx:cluster_nodes(stopped), DownNodes = lists:map(fun stopped_node_info/1, Stopped), [{Node, Info} || #{node := Node} = Info <- node_info(Running)] ++ DownNodes. @@ -181,7 +182,7 @@ node_info(Nodes) -> emqx_rpc:unwrap_erpc(emqx_management_proto_v3:node_info(Nodes)). stopped_node_info(Node) -> - {Node, #{node => Node, node_status => 'stopped'}}. + {Node, #{node => Node, node_status => 'stopped', role => core}}. vm_stats() -> Idle = diff --git a/changes/ce/fix-11070.en.md b/changes/ce/fix-11070.en.md new file mode 100644 index 000000000..c18d1e2d5 --- /dev/null +++ b/changes/ce/fix-11070.en.md @@ -0,0 +1 @@ +Fix the problem that the cluster.autoclean configuration item does not take effect. From b84623d640faa910c19148bf33b03eda4ba06874 Mon Sep 17 00:00:00 2001 From: JianBo He Date: Fri, 16 Jun 2023 19:54:09 +0800 Subject: [PATCH 16/17] fix(build): add libsasl2-modules-gssapi-mit as deps Before this fix, the kerberos authentication in kafka will report the following errors: ``` ... {{sasl_auth_error,{sass_nomech,<<"SASL(-4): no mechanism available: No worthy mechs found">>}}, ``` --- build | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build b/build index f3591d6a1..5464219b3 100755 --- a/build +++ b/build @@ -380,7 +380,7 @@ make_docker() { ## extra_deps is a comma separated list of debian 11 package names local extra_deps='' if [[ "$PROFILE" = *enterprise* ]]; then - extra_deps='libsasl2-2' + extra_deps='libsasl2-2,libsasl2-modules-gssapi-mit' fi echo '_build' >> ./.dockerignore set -x From 274eb5af1ce6430ebabaf754aeecccec382a14b2 Mon Sep 17 00:00:00 2001 From: Kinplemelon Date: Sun, 18 Jun 2023 22:01:51 +0900 Subject: [PATCH 17/17] chore: upgrade dashboard to e1.1.0-beta.7 for ee and v1.3.0 for ce --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 6b525b496..f04f2fd77 100644 --- a/Makefile +++ b/Makefile @@ -15,8 +15,8 @@ endif # Dashboard version # from https://github.com/emqx/emqx-dashboard5 -export EMQX_DASHBOARD_VERSION ?= v1.2.6-beta.1 -export EMQX_EE_DASHBOARD_VERSION ?= e1.1.0-beta.6 +export EMQX_DASHBOARD_VERSION ?= v1.3.0 +export EMQX_EE_DASHBOARD_VERSION ?= e1.1.0-beta.7 # `:=` should be used here, otherwise the `$(shell ...)` will be executed every time when the variable is used # In make 4.4+, for backward-compatibility the value from the original environment is used.