refactor: move ssl file handling from resources to bridges
This commit is contained in:
Shawn
parent
ba800d853d
commit
94e24c2621
|
|
@ -20,6 +20,7 @@
|
|||
-export([start/2, stop/1]).
|
||||
|
||||
-export([ pre_config_update/3
|
||||
, post_config_update/5
|
||||
]).
|
||||
|
||||
-define(TOP_LELVE_HDLR_PATH, (emqx_bridge:config_key_path())).
|
||||
|
|
@ -46,8 +47,18 @@ pre_config_update(_, {_Oper, _, _}, undefined) ->
|
|||
pre_config_update(_, {Oper, _Type, _Name}, OldConfig) ->
|
||||
%% to save the 'enable' to the config files
|
||||
{ok, OldConfig#{<<"enable">> => operation_to_enable(Oper)}};
|
||||
pre_config_update(_, Conf, _OldConfig) when is_map(Conf) ->
|
||||
{ok, Conf}.
|
||||
pre_config_update(Path, Conf, _OldConfig) when is_map(Conf) ->
|
||||
case emqx_connector_ssl:convert_certs(filename:join(Path), Conf) of
|
||||
{error, Reason} ->
|
||||
{error, Reason};
|
||||
{ok, ConfNew} ->
|
||||
{ok, ConfNew}
|
||||
end.
|
||||
|
||||
post_config_update(Path, '$remove', _, OldConf, _AppEnvs) ->
|
||||
_ = emqx_connector_ssl:clear_certs(filename:join(Path), OldConf);
|
||||
post_config_update(_Path, _Req, _, _OldConf, _AppEnvs) ->
|
||||
ok.
|
||||
|
||||
%% internal functions
|
||||
operation_to_enable(disable) -> false;
|
||||
|
|
|
|||
|
|
@ -15,7 +15,10 @@
|
|||
%%--------------------------------------------------------------------
|
||||
-module(emqx_connector).
|
||||
|
||||
-export([config_key_path/0]).
|
||||
-export([ config_key_path/0
|
||||
, pre_config_update/3
|
||||
, post_config_update/5
|
||||
]).
|
||||
|
||||
-export([ parse_connector_id/1
|
||||
, connector_id/2
|
||||
|
|
@ -31,20 +34,26 @@
|
|||
, delete/2
|
||||
]).
|
||||
|
||||
-export([ post_config_update/5
|
||||
]).
|
||||
|
||||
config_key_path() ->
|
||||
[connectors].
|
||||
|
||||
pre_config_update(Path, Conf, _OldConfig) when is_map(Conf) ->
|
||||
case emqx_connector_ssl:convert_certs(filename:join(Path), Conf) of
|
||||
{error, Reason} ->
|
||||
{error, Reason};
|
||||
{ok, ConfNew} ->
|
||||
{ok, ConfNew}
|
||||
end.
|
||||
|
||||
-dialyzer([{nowarn_function, [post_config_update/5]}, error_handling]).
|
||||
post_config_update([connectors, Type, Name], '$remove', _, _OldConf, _AppEnvs) ->
|
||||
post_config_update([connectors, Type, Name] = Path, '$remove', _, OldConf, _AppEnvs) ->
|
||||
ConnId = connector_id(Type, Name),
|
||||
try foreach_linked_bridges(ConnId, fun(#{type := BType, name := BName}) ->
|
||||
throw({dependency_bridges_exist, emqx_bridge:bridge_id(BType, BName)})
|
||||
end)
|
||||
catch throw:Error -> {error, Error}
|
||||
end;
|
||||
end,
|
||||
_ = emqx_connector_ssl:clear_certs(filename:join(Path), OldConf);
|
||||
post_config_update([connectors, Type, Name], _Req, NewConf, OldConf, _AppEnvs) ->
|
||||
ConnId = connector_id(Type, Name),
|
||||
foreach_linked_bridges(ConnId,
|
||||
|
|
|
|||
|
|
@ -15,37 +15,36 @@
|
|||
%% limitations under the License.
|
||||
%%--------------------------------------------------------------------
|
||||
|
||||
-module(emqx_resource_ssl).
|
||||
-module(emqx_connector_ssl).
|
||||
|
||||
-export([ convert_certs/2
|
||||
, convert_certs/3
|
||||
, clear_certs/2
|
||||
]).
|
||||
|
||||
convert_certs(ResId, NewConfig) ->
|
||||
convert_certs(ResId, NewConfig, #{}).
|
||||
|
||||
convert_certs(ResId, NewConfig, OldConfig) ->
|
||||
OldSSL = drop_invalid_certs(maps:get(ssl, OldConfig, undefined)),
|
||||
NewSSL = drop_invalid_certs(maps:get(ssl, NewConfig, undefined)),
|
||||
CertsDir = cert_dir(ResId),
|
||||
case emqx_tls_lib:ensure_ssl_files(CertsDir, NewSSL) of
|
||||
convert_certs(RltvDir, NewConfig) ->
|
||||
NewSSL = drop_invalid_certs(maps:get(<<"ssl">>, NewConfig, undefined)),
|
||||
case emqx_tls_lib:ensure_ssl_files(RltvDir, NewSSL) of
|
||||
{ok, NewSSL1} ->
|
||||
ok = emqx_tls_lib:delete_ssl_files(CertsDir, NewSSL1, OldSSL),
|
||||
{ok, new_ssl_config(NewConfig, NewSSL1)};
|
||||
{error, Reason} ->
|
||||
{error, {bad_ssl_config, Reason}}
|
||||
end.
|
||||
|
||||
clear_certs(ResId, Config) ->
|
||||
OldSSL = drop_invalid_certs(maps:get(ssl, Config, undefined)),
|
||||
ok = emqx_tls_lib:delete_ssl_files(cert_dir(ResId), undefined, OldSSL).
|
||||
|
||||
cert_dir(ResId) ->
|
||||
filename:join(["resources", ResId]).
|
||||
clear_certs(RltvDir, Config) ->
|
||||
OldSSL = drop_invalid_certs(map_get_oneof([<<"ssl">>, ssl], Config, undefined)),
|
||||
ok = emqx_tls_lib:delete_ssl_files(RltvDir, undefined, OldSSL).
|
||||
|
||||
new_ssl_config(Config, undefined) -> Config;
|
||||
new_ssl_config(Config, SSL) -> Config#{ssl => SSL}.
|
||||
new_ssl_config(Config, SSL) -> Config#{<<"ssl">> => SSL}.
|
||||
|
||||
drop_invalid_certs(undefined) -> undefined;
|
||||
drop_invalid_certs(SSL) -> emqx_tls_lib:drop_invalid_certs(SSL).
|
||||
|
||||
map_get_oneof([], _Map, Default) -> Default;
|
||||
map_get_oneof([Key | Keys], Map, Default) ->
|
||||
case maps:find(Key, Map) of
|
||||
error ->
|
||||
map_get_oneof(Keys, Map, Default);
|
||||
{ok, Value} ->
|
||||
Value
|
||||
end.
|
||||
|
|
@ -196,32 +196,14 @@ do_create(InstId, Group, ResourceType, Config, Opts) ->
|
|||
{ok, _, _} ->
|
||||
{ok, already_created};
|
||||
{error, not_found} ->
|
||||
case emqx_resource_ssl:convert_certs(InstId, Config) of
|
||||
{error, Reason} ->
|
||||
{error, Reason};
|
||||
{ok, Config1} ->
|
||||
do_create2(InstId, Group, ResourceType, Config1, Opts)
|
||||
end
|
||||
ok = do_start(InstId, Group, ResourceType, Config, Opts),
|
||||
ok = emqx_plugin_libs_metrics:create_metrics(resource_metrics, InstId,
|
||||
[matched, success, failed, exception], [matched]),
|
||||
{ok, force_lookup(InstId)}
|
||||
end.
|
||||
|
||||
do_create2(InstId, Group, ResourceType, Config, Opts) ->
|
||||
ok = do_start(InstId, Group, ResourceType, Config, Opts),
|
||||
ok = emqx_plugin_libs_metrics:create_metrics(resource_metrics, InstId,
|
||||
[matched, success, failed, exception], [matched]),
|
||||
{ok, force_lookup(InstId)}.
|
||||
|
||||
do_create_dry_run(ResourceType, Config) ->
|
||||
InstId = make_test_id(),
|
||||
case emqx_resource_ssl:convert_certs(InstId, Config) of
|
||||
{error, Reason} ->
|
||||
{error, Reason};
|
||||
{ok, Config1} ->
|
||||
Result = do_create_dry_run2(InstId, ResourceType, Config1),
|
||||
_ = emqx_resource_ssl:clear_certs(InstId, Config1),
|
||||
Result
|
||||
end.
|
||||
|
||||
do_create_dry_run2(InstId, ResourceType, Config) ->
|
||||
case emqx_resource:call_start(InstId, ResourceType, Config) of
|
||||
{ok, ResourceState} ->
|
||||
case emqx_resource:call_health_check(InstId, ResourceType, ResourceState) of
|
||||
|
|
@ -245,9 +227,8 @@ do_remove(Instance) ->
|
|||
do_remove(InstId, ClearMetrics) when is_binary(InstId) ->
|
||||
do_with_group_and_instance_data(InstId, fun do_remove/3, [ClearMetrics]).
|
||||
|
||||
do_remove(Group, #{id := InstId, config := Config} = Data, ClearMetrics) ->
|
||||
do_remove(Group, #{id := InstId} = Data, ClearMetrics) ->
|
||||
_ = do_stop(Group, Data),
|
||||
_ = emqx_resource_ssl:clear_certs(InstId, Config),
|
||||
ets:delete(emqx_resource_instance, InstId),
|
||||
case ClearMetrics of
|
||||
true -> ok = emqx_plugin_libs_metrics:clear_metrics(resource_metrics, InstId);
|
||||
|
|
|
|||
Loading…
Reference in New Issue