From d52008fb55e399ea69ff727292d4359112067aea Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Mon, 4 Mar 2024 16:40:37 +0100 Subject: [PATCH 01/15] chore: update changelog --- changes/e5.5.1.en.md | 4 ++++ changes/v5.5.1.en.md | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/changes/e5.5.1.en.md b/changes/e5.5.1.en.md index a0772bbf1..0c705b9a7 100644 --- a/changes/e5.5.1.en.md +++ b/changes/e5.5.1.en.md @@ -24,6 +24,10 @@ - [#12606](https://github.com/emqx/emqx/pull/12606) The Prometheus API experienced crashes when the specified SSL certificate file did not exist in the given path. Now, when an SSL certificate file is missing, the `emqx_cert_expiry_at` metric will report a value of 0, indicating the non-existence of the certificate. +- [#12620](https://github.com/emqx/emqx/pull/12620) Fixed an issue when sensitive headers for HTTP connector may be printed in the `debug` level log. + +- [#12632](https://github.com/emqx/emqx/pull/12632) Fix an issue when rule engine SQL built-in function `date_to_unix_ts` produced incorrect results for dates starting from 1st of March on leap years. + - [#12608](https://github.com/emqx/emqx/pull/12608) Fixed a `function_clause` error in the IoTDB action caused by the absence of a `payload` field in query data. - [#12610](https://github.com/emqx/emqx/pull/12610) Fixed an issue where connections to the LDAP connector could unexpectedly disconnect after a certain period of time. diff --git a/changes/v5.5.1.en.md b/changes/v5.5.1.en.md index 8b5c0716d..517b88971 100644 --- a/changes/v5.5.1.en.md +++ b/changes/v5.5.1.en.md @@ -19,3 +19,7 @@ - [#12601](https://github.com/emqx/emqx/pull/12601) Fixed an issue where logs of the LDAP driver were not being captured. Now, all logs are recorded at the `info` level. - [#12606](https://github.com/emqx/emqx/pull/12606) The Prometheus API experienced crashes when the specified SSL certificate file did not exist in the given path. Now, when an SSL certificate file is missing, the `emqx_cert_expiry_at` metric will report a value of 0, indicating the non-existence of the certificate. + +- [#12620](https://github.com/emqx/emqx/pull/12620) Fixed an issue when sensitive headers for HTTP connector may be printed in the `debug` level log. + +- [#12632](https://github.com/emqx/emqx/pull/12632) Fix an issue when rule engine SQL built-in function `date_to_unix_ts` produced incorrect results for dates starting from 1st of March on leap years. From 6c9eb16a9534bb6ea1038ee88d094126930c2208 Mon Sep 17 00:00:00 2001 From: zmstone Date: Mon, 4 Mar 2024 17:52:52 +0100 Subject: [PATCH 02/15] refactor(logger): reorder log fields tag > clientid > msg > peername > username > topic > [other fields] --- apps/emqx/src/emqx_logger_textfmt.erl | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/apps/emqx/src/emqx_logger_textfmt.erl b/apps/emqx/src/emqx_logger_textfmt.erl index c31eb2015..b68c4b366 100644 --- a/apps/emqx/src/emqx_logger_textfmt.erl +++ b/apps/emqx/src/emqx_logger_textfmt.erl @@ -22,7 +22,11 @@ check_config(X) -> logger_formatter:check_config(X). +%% Principle here is to delegate the formatting to logger_formatter:format/2 +%% as much as possible, and only enrich the report with clientid, peername, topic, username format(#{msg := {report, ReportMap}, meta := Meta} = Event, Config) when is_map(ReportMap) -> + %% The most common case, when entering from SLOG macro + %% i.e. logger:log(Level, #{msg => "my_msg", foo => bar}) ReportList = enrich_report(ReportMap, Meta), Report = case is_list_report_acceptable(Meta) of @@ -33,13 +37,17 @@ format(#{msg := {report, ReportMap}, meta := Meta} = Event, Config) when is_map( end, logger_formatter:format(Event#{msg := {report, Report}}, Config); format(#{msg := {string, String}} = Event, Config) -> + %% copied from logger_formatter:format/2 + %% unsure how this case is triggered format(Event#{msg => {"~ts ", [String]}}, Config); -%% trace format(#{msg := Msg0, meta := Meta} = Event, Config) -> + %% For format strings like logger:log(Level, "~p", [Var]) + %% and logger:log(Level, "message", #{key => value}) Msg1 = enrich_client_info(Msg0, Meta), Msg2 = enrich_topic(Msg1, Meta), logger_formatter:format(Event#{msg := Msg2}, Config). +%% Other report callbacks may only accept map() reports such as gen_server formatter is_list_report_acceptable(#{report_cb := Cb}) -> Cb =:= fun logger:format_otp_report/1 orelse Cb =:= fun logger:format_report/1; is_list_report_acceptable(_) -> @@ -61,19 +69,21 @@ enrich_report(ReportRaw, Meta) -> ClientId = maps:get(clientid, Meta, undefined), Peer = maps:get(peername, Meta, undefined), Msg = maps:get(msg, ReportRaw, undefined), + Tag = maps:get(tag, ReportRaw, undefined), %% turn it into a list so that the order of the fields is determined lists:foldl( fun ({_, undefined}, Acc) -> Acc; (Item, Acc) -> [Item | Acc] end, - maps:to_list(maps:without([topic, msg, clientid, username], ReportRaw)), + maps:to_list(maps:without([topic, msg, clientid, username, tag], ReportRaw)), [ - {username, try_format_unicode(Username)}, {topic, try_format_unicode(Topic)}, - {clientid, try_format_unicode(ClientId)}, + {username, try_format_unicode(Username)}, {peername, Peer}, - {msg, Msg} + {msg, Msg}, + {clientid, try_format_unicode(ClientId)}, + {tag, Tag} ] ). From 9929025820b684748a8b35668ae0fea9f980bb41 Mon Sep 17 00:00:00 2001 From: zmstone Date: Mon, 4 Mar 2024 21:25:49 +0100 Subject: [PATCH 03/15] fix(rule_func): time zone shift at wrong precision --- .../emqx_rule_engine/test/emqx_rule_funcs_SUITE.erl | 13 ++++++++++++- apps/emqx_utils/src/emqx_utils_calendar.erl | 2 +- changes/ce/fix-12646.en.md | 3 +++ 3 files changed, 16 insertions(+), 2 deletions(-) create mode 100644 changes/ce/fix-12646.en.md diff --git a/apps/emqx_rule_engine/test/emqx_rule_funcs_SUITE.erl b/apps/emqx_rule_engine/test/emqx_rule_funcs_SUITE.erl index 358cca3fe..f0c5434d8 100644 --- a/apps/emqx_rule_engine/test/emqx_rule_funcs_SUITE.erl +++ b/apps/emqx_rule_engine/test/emqx_rule_funcs_SUITE.erl @@ -1181,7 +1181,18 @@ t_parse_date_errors(_) -> ?assertEqual( UnixTsLeap2, emqx_rule_funcs:date_to_unix_ts(second, <<"%Y-%m-%d %H:%M:%S">>, <<"2024-03-04 06:56:27">>) - ). + ), + + %% None zero zone shift with millisecond level precision + Tz1 = calendar:rfc3339_to_system_time("2024-02-23T15:00:00.123+08:00", [{unit, second}]), + ?assertEqual( + Tz1, + emqx_rule_funcs:date_to_unix_ts( + second, <<"%Y-%m-%d %H:%M:%S.%3N%:z">>, <<"2024-02-23 15:00:00.123+08:00">> + ) + ), + + ok. %%------------------------------------------------------------------------------ %% Utility functions diff --git a/apps/emqx_utils/src/emqx_utils_calendar.erl b/apps/emqx_utils/src/emqx_utils_calendar.erl index a57bba544..a3c1450cd 100644 --- a/apps/emqx_utils/src/emqx_utils_calendar.erl +++ b/apps/emqx_utils/src/emqx_utils_calendar.erl @@ -507,7 +507,7 @@ do_parse(DateStr, Unit, Formatter) -> (nanosecond, V, Res) -> Res + V; (parsed_offset, V, Res) -> - Res - V + Res - V * Precise end, Count = maps:fold(Counter, 0, DateInfo) - (?SECONDS_PER_DAY * Precise), erlang:convert_time_unit(Count, PrecisionUnit, Unit). diff --git a/changes/ce/fix-12646.en.md b/changes/ce/fix-12646.en.md new file mode 100644 index 000000000..5edd92cd7 --- /dev/null +++ b/changes/ce/fix-12646.en.md @@ -0,0 +1,3 @@ +Fix rule engine date time string parser. + +Prior to this fix, time zone shift can only work when date time string is at second level precision. From cb0066d639a9ce8d3cbe3b6635fe533509122599 Mon Sep 17 00:00:00 2001 From: zmstone Date: Mon, 4 Mar 2024 17:57:31 +0100 Subject: [PATCH 04/15] chore: add tag for logs from MQTT connection modules --- apps/emqx/src/emqx_connection.erl | 20 +++++++++++--------- apps/emqx/src/emqx_ws_connection.erl | 16 +++++++++------- 2 files changed, 20 insertions(+), 16 deletions(-) diff --git a/apps/emqx/src/emqx_connection.erl b/apps/emqx/src/emqx_connection.erl index 2d7435858..e0baab238 100644 --- a/apps/emqx/src/emqx_connection.erl +++ b/apps/emqx/src/emqx_connection.erl @@ -186,6 +186,8 @@ -define(LIMITER_BYTES_IN, bytes). -define(LIMITER_MESSAGE_IN, messages). +-define(LOG(Level, Data), ?SLOG(Level, (Data)#{tag => "MQTT"})). + -dialyzer({no_match, [info/2]}). -dialyzer( {nowarn_function, [ @@ -282,7 +284,7 @@ async_set_keepalive(OS, Pid, Idle, Interval, Probes) -> {ok, Options} -> async_set_socket_options(Pid, Options); {error, {unsupported_os, OS}} -> - ?SLOG(warning, #{ + ?LOG(warning, #{ msg => "Unsupported operation: set TCP keepalive", os => OS }), @@ -774,7 +776,7 @@ handle_timeout(TRef, Msg, State) -> %% Parse incoming data -compile({inline, [when_bytes_in/3]}). when_bytes_in(Oct, Data, State) -> - ?SLOG(debug, #{ + ?LOG(debug, #{ msg => "raw_bin_received", size => Oct, bin => binary_to_list(binary:encode_hex(Data)), @@ -810,7 +812,7 @@ parse_incoming(Data, Packets, State = #state{parse_state = ParseState}) -> parse_incoming(Rest, [Packet | Packets], NState) catch throw:{?FRAME_PARSE_ERROR, Reason} -> - ?SLOG(info, #{ + ?LOG(info, #{ reason => Reason, at_state => emqx_frame:describe_state(ParseState), input_bytes => Data, @@ -818,7 +820,7 @@ parse_incoming(Data, Packets, State = #state{parse_state = ParseState}) -> }), {[{frame_error, Reason} | Packets], State}; error:Reason:Stacktrace -> - ?SLOG(error, #{ + ?LOG(error, #{ at_state => emqx_frame:describe_state(ParseState), input_bytes => Data, parsed_packets => Packets, @@ -873,7 +875,7 @@ serialize_and_inc_stats_fun(#state{serialize = Serialize}) -> fun(Packet) -> try emqx_frame:serialize_pkt(Packet, Serialize) of <<>> -> - ?SLOG(warning, #{ + ?LOG(warning, #{ msg => "packet_is_discarded", reason => "frame_is_too_large", packet => emqx_packet:format(Packet, hidden) @@ -889,13 +891,13 @@ serialize_and_inc_stats_fun(#state{serialize = Serialize}) -> catch %% Maybe Never happen. throw:{?FRAME_SERIALIZE_ERROR, Reason} -> - ?SLOG(info, #{ + ?LOG(info, #{ reason => Reason, input_packet => Packet }), erlang:error({?FRAME_SERIALIZE_ERROR, Reason}); error:Reason:Stacktrace -> - ?SLOG(error, #{ + ?LOG(error, #{ input_packet => Packet, exception => Reason, stacktrace => Stacktrace @@ -1018,7 +1020,7 @@ check_limiter( WhenOk(Data, Msgs, State#state{limiter = Limiter2}); {pause, Time, Limiter2} -> ?SLOG(debug, #{ - msg => "pause_time_dueto_rate_limit", + msg => "pause_time_due_to_rate_limit", needs => Needs, time_in_ms => Time }), @@ -1070,7 +1072,7 @@ retry_limiter(#state{limiter = Limiter} = State) -> ); {pause, Time, Limiter2} -> ?SLOG(debug, #{ - msg => "pause_time_dueto_rate_limit", + msg => "pause_time_due_to_rate_limit", types => Types, time_in_ms => Time }), diff --git a/apps/emqx/src/emqx_ws_connection.erl b/apps/emqx/src/emqx_ws_connection.erl index d4bc0f3ed..038f3e98e 100644 --- a/apps/emqx/src/emqx_ws_connection.erl +++ b/apps/emqx/src/emqx_ws_connection.erl @@ -128,6 +128,8 @@ -dialyzer({no_match, [info/2]}). -dialyzer({nowarn_function, [websocket_init/1]}). +-define(LOG(Level, Data), ?SLOG(Level, (Data)#{tag => "MQTT"})). + %%-------------------------------------------------------------------- %% Info, Stats %%-------------------------------------------------------------------- @@ -401,7 +403,7 @@ get_peer_info(Type, Listener, Req, Opts) -> websocket_handle({binary, Data}, State) when is_list(Data) -> websocket_handle({binary, iolist_to_binary(Data)}, State); websocket_handle({binary, Data}, State) -> - ?SLOG(debug, #{ + ?LOG(debug, #{ msg => "raw_bin_received", size => iolist_size(Data), bin => binary_to_list(binary:encode_hex(Data)), @@ -428,7 +430,7 @@ websocket_handle({Frame, _}, State) when Frame =:= ping; Frame =:= pong -> return(State); websocket_handle({Frame, _}, State) -> %% TODO: should not close the ws connection - ?SLOG(error, #{msg => "unexpected_frame", frame => Frame}), + ?LOG(error, #{msg => "unexpected_frame", frame => Frame}), shutdown(unexpected_ws_frame, State). websocket_info({call, From, Req}, State) -> handle_call(From, Req, State); @@ -714,7 +716,7 @@ parse_incoming(Data, Packets, State = #state{parse_state = ParseState}) -> parse_incoming(Rest, [{incoming, Packet} | Packets], NState) catch throw:{?FRAME_PARSE_ERROR, Reason} -> - ?SLOG(info, #{ + ?LOG(info, #{ reason => Reason, at_state => emqx_frame:describe_state(ParseState), input_bytes => Data @@ -722,7 +724,7 @@ parse_incoming(Data, Packets, State = #state{parse_state = ParseState}) -> FrameError = {frame_error, Reason}, {[{incoming, FrameError} | Packets], State}; error:Reason:Stacktrace -> - ?SLOG(error, #{ + ?LOG(error, #{ at_state => emqx_frame:describe_state(ParseState), input_bytes => Data, exception => Reason, @@ -812,7 +814,7 @@ serialize_and_inc_stats_fun(#state{serialize = Serialize}) -> fun(Packet) -> try emqx_frame:serialize_pkt(Packet, Serialize) of <<>> -> - ?SLOG(warning, #{ + ?LOG(warning, #{ msg => "packet_discarded", reason => "frame_too_large", packet => emqx_packet:format(Packet) @@ -828,13 +830,13 @@ serialize_and_inc_stats_fun(#state{serialize = Serialize}) -> catch %% Maybe Never happen. throw:{?FRAME_SERIALIZE_ERROR, Reason} -> - ?SLOG(info, #{ + ?LOG(info, #{ reason => Reason, input_packet => Packet }), erlang:error({?FRAME_SERIALIZE_ERROR, Reason}); error:Reason:Stacktrace -> - ?SLOG(error, #{ + ?LOG(error, #{ input_packet => Packet, exception => Reason, stacktrace => Stacktrace From 2e0e9f1c149a12a50407347c2bbfaf08ed7365ce Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Mon, 4 Mar 2024 19:29:28 +0100 Subject: [PATCH 05/15] ci: fix sha256 task in build packages --- .github/workflows/build_packages.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build_packages.yaml b/.github/workflows/build_packages.yaml index 31f39d551..0783af615 100644 --- a/.github/workflows/build_packages.yaml +++ b/.github/workflows/build_packages.yaml @@ -221,9 +221,9 @@ jobs: set -eu cd packages/${{ matrix.profile }} # fix the .sha256 file format - for var in $(ls | grep emqx | grep -v sha256); do - dos2unix $var.sha256 - echo "$(cat $var.sha256) $var" | sha256sum -c || exit 1 + for f in *.sha256; do + dos2unix $f + echo "$(cat $f) ${f%.*}" | sha256sum -c || exit 1 done cd - - uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 From 394c242671d1132b4f6d22dd58d463042ed86285 Mon Sep 17 00:00:00 2001 From: Thales Macedo Garitezi Date: Mon, 4 Mar 2024 15:29:58 -0300 Subject: [PATCH 06/15] ci: don't attempt to push to `public.ecr.aws/emqx/emqx-enterprise` This repository doesn't currently exist. --- .../build_and_push_docker_images.yaml | 55 ++++++++++++++----- build | 30 +++++++++- 2 files changed, 69 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build_and_push_docker_images.yaml b/.github/workflows/build_and_push_docker_images.yaml index 1ab553840..c02b29292 100644 --- a/.github/workflows/build_and_push_docker_images.yaml +++ b/.github/workflows/build_and_push_docker_images.yaml @@ -81,14 +81,6 @@ jobs: profile: - ${{ inputs.profile }} - ${{ inputs.profile }}-elixir - registry: - - 'docker.io' - - 'public.ecr.aws' - exclude: - - profile: emqx-enterprise - registry: 'public.ecr.aws' - - profile: emqx-enterprise-elixir - registry: 'public.ecr.aws' steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 @@ -101,14 +93,14 @@ jobs: - name: Login to hub.docker.com uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 - if: matrix.registry == 'docker.io' + if: inputs.publish || github.repository_owner != 'emqx' with: username: ${{ secrets.DOCKER_HUB_USER }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Login to AWS ECR uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 - if: matrix.registry == 'public.ecr.aws' + if: inputs.publish || github.repository_owner != 'emqx' with: registry: public.ecr.aws username: ${{ secrets.AWS_ACCESS_KEY_ID }} @@ -118,17 +110,54 @@ jobs: - name: Build docker image env: PROFILE: ${{ matrix.profile }} - DOCKER_REGISTRY: ${{ matrix.registry }} + DOCKER_REGISTRY: 'docker.io,public.ecr.aws' DOCKER_ORG: ${{ github.repository_owner }} DOCKER_LATEST: ${{ inputs.latest }} - DOCKER_PUSH: ${{ inputs.publish == 'true' || inputs.publish || github.repository_owner != 'emqx' }} + DOCKER_PUSH: false DOCKER_BUILD_NOCACHE: true DOCKER_PLATFORMS: linux/amd64,linux/arm64 - EMQX_RUNNER: 'debian:11-slim' + DOCKER_LOAD: true + EMQX_RUNNER: 'public.ecr.aws/debian/debian:11-slim@sha256:22cfb3c06a7dd5e18d86123a73405664475b9d9fa209cbedcf4c50a25649cc74' EMQX_DOCKERFILE: 'deploy/docker/Dockerfile' PKG_VSN: ${{ inputs.version }} EMQX_BUILDER_VERSION: ${{ inputs.builder_vsn }} EMQX_BUILDER_OTP: ${{ inputs.otp_vsn }} EMQX_BUILDER_ELIXIR: ${{ inputs.elixir_vsn }} + EMQX_SOURCE_TYPE: tgz run: | ./build ${PROFILE} docker + echo "Built tags:" + echo "===========" + cat .emqx_docker_image_tags + echo "===========" + echo "_EMQX_DOCKER_IMAGE_TAG=$(head -n 1 .emqx_docker_image_tags)" >> $GITHUB_ENV + + - name: smoke test + timeout-minutes: 1 + run: | + for tag in $(cat .emqx_docker_image_tags); do + CID=$(docker run -d -P $tag) + HTTP_PORT=$(docker inspect --format='{{(index (index .NetworkSettings.Ports "18083/tcp") 0).HostPort}}' $CID) + ./scripts/test/emqx-smoke-test.sh localhost $HTTP_PORT + docker rm -f $CID + done + - name: dashboard tests + working-directory: ./scripts/ui-tests + timeout-minutes: 5 + run: | + set -eu + docker compose up --abort-on-container-exit --exit-code-from selenium + docker compose rm -fsv + - name: test node_dump + run: | + CID=$(docker run -d -P $_EMQX_DOCKER_IMAGE_TAG) + docker exec -t -u root -w /root $CID bash -c 'apt-get -y update && apt-get -y install net-tools' + docker exec -t -u root $CID node_dump + docker rm -f $CID + - name: push images + if: inputs.publish || github.repository_owner != 'emqx' + run: | + for tag in $(cat .emqx_docker_image_tags); do + echo "Pushing tag $tag" + docker push $tag + done diff --git a/build b/build index 4a5e01f7e..731d0f331 100755 --- a/build +++ b/build @@ -385,6 +385,16 @@ docker_cleanup() { [ -f ./.dockerignore.bak ] && mv ./.dockerignore.bak ./.dockerignore >/dev/null || true } +function is_ecr_and_enterprise() { + local registry="$1" + local profile="$2" + if [[ "$registry" == public.ecr.aws* ]] && [[ "$profile" == *enterprise* ]]; then + return 0 + else + return 1 + fi +} + ## Build the default docker image based on debian 11. make_docker() { local EMQX_BUILDER_VERSION="${EMQX_BUILDER_VERSION:-5.3-2}" @@ -450,6 +460,13 @@ make_docker() { --tag "${EMQX_IMAGE_TAG}" \ --pull ) + :> ./.emqx_docker_image_tags + for r in "${DOCKER_REGISTRIES[@]}"; do + if ! is_ecr_and_enterprise "$r" "$PROFILE"; then + DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_IMAGE_TAG}") + echo "$r/${EMQX_IMAGE_TAG}" >> ./.emqx_docker_image_tags + fi + done if [ "${DOCKER_BUILD_NOCACHE:-false}" = true ]; then DOCKER_BUILDX_ARGS+=(--no-cache) fi @@ -457,9 +474,16 @@ make_docker() { DOCKER_BUILDX_ARGS+=(--label org.opencontainers.image.elixir.version="${EMQX_BUILDER_ELIXIR}") fi if [ "${DOCKER_LATEST:-false}" = true ]; then - DOCKER_BUILDX_ARGS+=(--tag "${EMQX_BASE_DOCKER_TAG}:latest${SUFFIX}") - DOCKER_BUILDX_ARGS+=(--tag "${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}${SUFFIX}") - DOCKER_BUILDX_ARGS+=(--tag "${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}.${VSN_PATCH}${SUFFIX}") + for r in "${DOCKER_REGISTRIES[@]}"; do + if ! is_ecr_and_enterprise "$r" "$PROFILE"; then + DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_BASE_DOCKER_TAG}:latest${SUFFIX}") + echo "$r/${EMQX_BASE_DOCKER_TAG}:latest${SUFFIX}" >> ./.emqx_docker_image_tags + DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}${SUFFIX}") + echo "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}${SUFFIX}" >> ./.emqx_docker_image_tags + DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}.${VSN_PATCH}${SUFFIX}") + echo "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}.${VSN_PATCH}${SUFFIX}" >> ./.emqx_docker_image_tags + fi + done fi if [ "${DOCKER_PLATFORMS:-default}" != 'default' ]; then DOCKER_BUILDX_ARGS+=(--platform "${DOCKER_PLATFORMS}") From 2251b85d65875926b45d62e65da139c3686a4149 Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Tue, 5 Mar 2024 08:26:30 +0100 Subject: [PATCH 07/15] chore: 5.5.1-rc.3 --- apps/emqx/include/emqx_release.hrl | 4 ++-- changes/e5.5.1.en.md | 4 +--- changes/v5.5.1.en.md | 5 ++--- deploy/charts/emqx-enterprise/Chart.yaml | 4 ++-- deploy/charts/emqx/Chart.yaml | 4 ++-- 5 files changed, 9 insertions(+), 12 deletions(-) diff --git a/apps/emqx/include/emqx_release.hrl b/apps/emqx/include/emqx_release.hrl index d35df9c92..655cd77d9 100644 --- a/apps/emqx/include/emqx_release.hrl +++ b/apps/emqx/include/emqx_release.hrl @@ -32,10 +32,10 @@ %% `apps/emqx/src/bpapi/README.md' %% Opensource edition --define(EMQX_RELEASE_CE, "5.5.1"). +-define(EMQX_RELEASE_CE, "5.5.1-rc.3"). %% Enterprise edition --define(EMQX_RELEASE_EE, "5.5.1"). +-define(EMQX_RELEASE_EE, "5.5.1-rc.3"). %% The HTTP API version -define(EMQX_API_VERSION, "5.0"). diff --git a/changes/e5.5.1.en.md b/changes/e5.5.1.en.md index 0c705b9a7..8077160d2 100644 --- a/changes/e5.5.1.en.md +++ b/changes/e5.5.1.en.md @@ -8,8 +8,6 @@ - [#12471](https://github.com/emqx/emqx/pull/12471) Fixed an issue that data integration configurations failed to load correctly during upgrades from EMQX version 5.0.2 to newer releases. -- [#12542](https://github.com/emqx/emqx/pull/12542) Redacted authorization headers to exclude basic authorization credentials from debug logs in the HTTP Server connector, mitigating potential security risks. - - [#12598](https://github.com/emqx/emqx/pull/12598) Fixed an issue that users were unable to subscribe to or unsubscribe from shared topic filters via HTTP API. The affected APIs include: @@ -26,7 +24,7 @@ - [#12620](https://github.com/emqx/emqx/pull/12620) Fixed an issue when sensitive headers for HTTP connector may be printed in the `debug` level log. -- [#12632](https://github.com/emqx/emqx/pull/12632) Fix an issue when rule engine SQL built-in function `date_to_unix_ts` produced incorrect results for dates starting from 1st of March on leap years. +- [#12632](https://github.com/emqx/emqx/pull/12632) Fixed an issue where the rule engine's SQL built-in function `date_to_unix_ts` produced incorrect results for dates starting from March 1st on leap years. - [#12608](https://github.com/emqx/emqx/pull/12608) Fixed a `function_clause` error in the IoTDB action caused by the absence of a `payload` field in query data. diff --git a/changes/v5.5.1.en.md b/changes/v5.5.1.en.md index 517b88971..d25349ccd 100644 --- a/changes/v5.5.1.en.md +++ b/changes/v5.5.1.en.md @@ -4,8 +4,6 @@ - [#12471](https://github.com/emqx/emqx/pull/12471) Fixed an issue that data integration configurations failed to load correctly during upgrades from EMQX version 5.0.2 to newer releases. -- [#12542](https://github.com/emqx/emqx/pull/12542) Redacted authorization headers to exclude basic authorization credentials from debug logs in the HTTP Server connector, mitigating potential security risks. - - [#12598](https://github.com/emqx/emqx/pull/12598) Fixed an issue that users were unable to subscribe to or unsubscribe from shared topic filters via HTTP API. The affected APIs include: @@ -22,4 +20,5 @@ - [#12620](https://github.com/emqx/emqx/pull/12620) Fixed an issue when sensitive headers for HTTP connector may be printed in the `debug` level log. -- [#12632](https://github.com/emqx/emqx/pull/12632) Fix an issue when rule engine SQL built-in function `date_to_unix_ts` produced incorrect results for dates starting from 1st of March on leap years. +- [#12632](https://github.com/emqx/emqx/pull/12632) Fixed an issue where the rule engine's SQL built-in function `date_to_unix_ts` produced incorrect results for dates starting from March 1st on leap years. + diff --git a/deploy/charts/emqx-enterprise/Chart.yaml b/deploy/charts/emqx-enterprise/Chart.yaml index 014a37fd6..e75a8d346 100644 --- a/deploy/charts/emqx-enterprise/Chart.yaml +++ b/deploy/charts/emqx-enterprise/Chart.yaml @@ -14,8 +14,8 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 5.5.1 +version: 5.5.1-rc.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 5.5.1 +appVersion: 5.5.1-rc.3 diff --git a/deploy/charts/emqx/Chart.yaml b/deploy/charts/emqx/Chart.yaml index 8b60276ed..7c33555f1 100644 --- a/deploy/charts/emqx/Chart.yaml +++ b/deploy/charts/emqx/Chart.yaml @@ -14,8 +14,8 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 5.5.1 +version: 5.5.1-rc.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 5.5.1 +appVersion: 5.5.1-rc.3 From f275e99aba62ae226e95295ae25aacd9d196b0c2 Mon Sep 17 00:00:00 2001 From: zmstone Date: Tue, 5 Mar 2024 09:16:28 +0100 Subject: [PATCH 08/15] docs: add changelog for PR 12641 --- changes/ce/feat-12641.en.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changes/ce/feat-12641.en.md diff --git a/changes/ce/feat-12641.en.md b/changes/ce/feat-12641.en.md new file mode 100644 index 000000000..72b414c77 --- /dev/null +++ b/changes/ce/feat-12641.en.md @@ -0,0 +1,3 @@ +Improve text log formatter fields order. + +`tag` > `clientid` > `msg` > `peername` > `username` > `topic` > [other fields] From 0c9ecb4211b44c5b326c1972db8ae2fbd15de1c3 Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Tue, 13 Feb 2024 10:42:05 +0100 Subject: [PATCH 09/15] ci: build binaries for each arch of docker image separately to speed up the build process, we build the binaries for multi-arch docker image on the instances with corresponding architecture first, then assemble the final docker image --- .github/workflows/_pr_entrypoint.yaml | 2 +- .github/workflows/_push-entrypoint.yaml | 10 +- .../build_and_push_docker_images.yaml | 201 +++++++++++------- .github/workflows/build_docker_for_test.yaml | 8 +- .github/workflows/build_packages.yaml | 4 +- .github/workflows/run_docker_tests.yaml | 8 +- build | 44 ++-- deploy/docker/Dockerfile | 66 +++--- deploy/docker/docker-entrypoint.sh | 2 +- scripts/ui-tests/docker-compose.yaml | 2 +- 10 files changed, 201 insertions(+), 146 deletions(-) diff --git a/.github/workflows/_pr_entrypoint.yaml b/.github/workflows/_pr_entrypoint.yaml index 86e676ebe..c94197035 100644 --- a/.github/workflows/_pr_entrypoint.yaml +++ b/.github/workflows/_pr_entrypoint.yaml @@ -148,7 +148,7 @@ jobs: with: name: ${{ matrix.profile }} path: ${{ matrix.profile }}.zip - retention-days: 1 + retention-days: 7 run_emqx_app_tests: needs: diff --git a/.github/workflows/_push-entrypoint.yaml b/.github/workflows/_push-entrypoint.yaml index 8caece6eb..c125bb818 100644 --- a/.github/workflows/_push-entrypoint.yaml +++ b/.github/workflows/_push-entrypoint.yaml @@ -28,7 +28,6 @@ jobs: profile: ${{ steps.parse-git-ref.outputs.profile }} release: ${{ steps.parse-git-ref.outputs.release }} latest: ${{ steps.parse-git-ref.outputs.latest }} - version: ${{ steps.parse-git-ref.outputs.version }} ct-matrix: ${{ steps.matrix.outputs.ct-matrix }} ct-host: ${{ steps.matrix.outputs.ct-host }} ct-docker: ${{ steps.matrix.outputs.ct-docker }} @@ -46,18 +45,16 @@ jobs: shell: bash run: | git config --global --add safe.directory "$GITHUB_WORKSPACE" - - name: Detect emqx profile and version + - name: Detect emqx profile id: parse-git-ref run: | JSON="$(./scripts/parse-git-ref.sh $GITHUB_REF)" PROFILE=$(echo "$JSON" | jq -cr '.profile') RELEASE=$(echo "$JSON" | jq -cr '.release') LATEST=$(echo "$JSON" | jq -cr '.latest') - VERSION="$(./pkg-vsn.sh "$PROFILE")" echo "profile=$PROFILE" | tee -a $GITHUB_OUTPUT echo "release=$RELEASE" | tee -a $GITHUB_OUTPUT echo "latest=$LATEST" | tee -a $GITHUB_OUTPUT - echo "version=$VERSION" | tee -a $GITHUB_OUTPUT - name: Build matrix id: matrix run: | @@ -91,7 +88,7 @@ jobs: uses: ./.github/workflows/build_packages.yaml with: profile: ${{ needs.prepare.outputs.profile }} - publish: ${{ needs.prepare.outputs.release }} + publish: true otp_vsn: ${{ needs.prepare.outputs.otp_vsn }} elixir_vsn: ${{ needs.prepare.outputs.elixir_vsn }} builder_vsn: ${{ needs.prepare.outputs.builder_vsn }} @@ -104,8 +101,7 @@ jobs: uses: ./.github/workflows/build_and_push_docker_images.yaml with: profile: ${{ needs.prepare.outputs.profile }} - version: ${{ needs.prepare.outputs.version }} - publish: ${{ needs.prepare.outputs.release }} + publish: true latest: ${{ needs.prepare.outputs.latest }} # TODO: revert this back to needs.prepare.outputs.otp_vsn when OTP 26 bug is fixed otp_vsn: 25.3.2-2 diff --git a/.github/workflows/build_and_push_docker_images.yaml b/.github/workflows/build_and_push_docker_images.yaml index c02b29292..166c5bc74 100644 --- a/.github/workflows/build_and_push_docker_images.yaml +++ b/.github/workflows/build_and_push_docker_images.yaml @@ -10,15 +10,12 @@ on: profile: required: true type: string - version: - required: true - type: string latest: required: true type: string publish: required: true - type: string + type: boolean otp_vsn: required: true type: string @@ -45,8 +42,6 @@ on: required: false type: string default: 'emqx' - version: - required: true latest: required: false type: boolean @@ -72,8 +67,46 @@ permissions: contents: read jobs: + build: + runs-on: ${{ github.repository_owner == 'emqx' && fromJSON(format('["self-hosted","ephemeral","linux","{0}"]', matrix.arch)) || 'ubuntu-22.04' }} + container: "ghcr.io/emqx/emqx-builder/${{ inputs.builder_vsn }}:${{ inputs.elixir_vsn }}-${{ inputs.otp_vsn }}-debian11" + outputs: + PKG_VSN: ${{ steps.build.outputs.PKG_VSN }} + + strategy: + fail-fast: false + matrix: + profile: + - ${{ inputs.profile }} + - ${{ inputs.profile }}-elixir + arch: + - x64 + - arm64 + + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + ref: ${{ github.event.inputs.ref }} + - run: git config --global --add safe.directory "$PWD" + - name: build release tarball + id: build + run: | + make ${{ matrix.profile }}-tgz + - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + with: + name: "${{ matrix.profile }}-${{ matrix.arch }}.tar.gz" + path: "_packages/emqx*/emqx-*.tar.gz" + retention-days: 7 + overwrite: true + if-no-files-found: error + docker: runs-on: ${{ endsWith(github.repository, '/emqx') && 'ubuntu-22.04' || fromJSON('["self-hosted","ephemeral","linux","x64"]') }} + needs: + - build + defaults: + run: + shell: bash strategy: fail-fast: false @@ -83,81 +116,93 @@ jobs: - ${{ inputs.profile }}-elixir steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - ref: ${{ github.event.inputs.ref }} - fetch-depth: 0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + ref: ${{ github.event.inputs.ref }} + - uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 + with: + pattern: "${{ matrix.profile }}-*.tar.gz" + path: _packages + merge-multiple: true - - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + - name: Move artifacts to root directory + env: + PROFILE: ${{ inputs.profile }} + run: | + ls -lR _packages/$PROFILE + mv _packages/$PROFILE/*.tar.gz ./ + - name: Enable containerd image store on Docker Engine + run: | + echo "$(jq '. += {"features": {"containerd-snapshotter": true}}' /etc/docker/daemon.json)" > daemon.json + sudo mv daemon.json /etc/docker/daemon.json + sudo systemctl restart docker - - name: Login to hub.docker.com - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 - if: inputs.publish || github.repository_owner != 'emqx' - with: - username: ${{ secrets.DOCKER_HUB_USER }} - password: ${{ secrets.DOCKER_HUB_TOKEN }} + - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 + - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - - name: Login to AWS ECR - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 - if: inputs.publish || github.repository_owner != 'emqx' - with: - registry: public.ecr.aws - username: ${{ secrets.AWS_ACCESS_KEY_ID }} - password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - ecr: true + - name: Login to hub.docker.com + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + if: inputs.publish || github.repository_owner != 'emqx' + with: + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} - - name: Build docker image - env: - PROFILE: ${{ matrix.profile }} - DOCKER_REGISTRY: 'docker.io,public.ecr.aws' - DOCKER_ORG: ${{ github.repository_owner }} - DOCKER_LATEST: ${{ inputs.latest }} - DOCKER_PUSH: false - DOCKER_BUILD_NOCACHE: true - DOCKER_PLATFORMS: linux/amd64,linux/arm64 - DOCKER_LOAD: true - EMQX_RUNNER: 'public.ecr.aws/debian/debian:11-slim@sha256:22cfb3c06a7dd5e18d86123a73405664475b9d9fa209cbedcf4c50a25649cc74' - EMQX_DOCKERFILE: 'deploy/docker/Dockerfile' - PKG_VSN: ${{ inputs.version }} - EMQX_BUILDER_VERSION: ${{ inputs.builder_vsn }} - EMQX_BUILDER_OTP: ${{ inputs.otp_vsn }} - EMQX_BUILDER_ELIXIR: ${{ inputs.elixir_vsn }} - EMQX_SOURCE_TYPE: tgz - run: | - ./build ${PROFILE} docker - echo "Built tags:" - echo "===========" - cat .emqx_docker_image_tags - echo "===========" - echo "_EMQX_DOCKER_IMAGE_TAG=$(head -n 1 .emqx_docker_image_tags)" >> $GITHUB_ENV + - name: Login to AWS ECR + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + if: inputs.publish || github.repository_owner != 'emqx' + with: + registry: public.ecr.aws + username: ${{ secrets.AWS_ACCESS_KEY_ID }} + password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + ecr: true - - name: smoke test - timeout-minutes: 1 - run: | - for tag in $(cat .emqx_docker_image_tags); do - CID=$(docker run -d -P $tag) - HTTP_PORT=$(docker inspect --format='{{(index (index .NetworkSettings.Ports "18083/tcp") 0).HostPort}}' $CID) - ./scripts/test/emqx-smoke-test.sh localhost $HTTP_PORT + - name: Build docker image + env: + PROFILE: ${{ matrix.profile }} + DOCKER_REGISTRY: 'docker.io,public.ecr.aws' + DOCKER_ORG: ${{ github.repository_owner }} + DOCKER_LATEST: ${{ inputs.latest }} + DOCKER_PUSH: false + DOCKER_BUILD_NOCACHE: true + DOCKER_PLATFORMS: linux/amd64,linux/arm64 + DOCKER_LOAD: true + EMQX_RUNNER: 'public.ecr.aws/debian/debian:11-slim@sha256:22cfb3c06a7dd5e18d86123a73405664475b9d9fa209cbedcf4c50a25649cc74' + EMQX_DOCKERFILE: 'deploy/docker/Dockerfile' + PKG_VSN: ${{ needs.build.outputs.PKG_VSN }} + EMQX_BUILDER_VERSION: ${{ inputs.builder_vsn }} + EMQX_BUILDER_OTP: ${{ inputs.otp_vsn }} + EMQX_BUILDER_ELIXIR: ${{ inputs.elixir_vsn }} + EMQX_SOURCE_TYPE: tgz + run: | + ./build ${PROFILE} docker + cat .emqx_docker_image_tags + echo "_EMQX_DOCKER_IMAGE_TAG=$(head -n 1 .emqx_docker_image_tags)" >> $GITHUB_ENV + + - name: smoke test + timeout-minutes: 1 + run: | + for tag in $(cat .emqx_docker_image_tags); do + CID=$(docker run -d -P $_EMQX_DOCKER_IMAGE_TAG) + HTTP_PORT=$(docker inspect --format='{{(index (index .NetworkSettings.Ports "18083/tcp") 0).HostPort}}' $CID) + ./scripts/test/emqx-smoke-test.sh localhost $HTTP_PORT + docker rm -f $CID + done + - name: dashboard tests + working-directory: ./scripts/ui-tests + timeout-minutes: 5 + run: | + set -eu + docker compose up --abort-on-container-exit --exit-code-from selenium + docker compose rm -fsv + - name: test node_dump + run: | + CID=$(docker run -d -P $_EMQX_DOCKER_IMAGE_TAG) + docker exec -t -u root -w /root $CID bash -c 'apt-get -y update && apt-get -y install net-tools' + docker exec -t -u root $CID node_dump docker rm -f $CID - done - - name: dashboard tests - working-directory: ./scripts/ui-tests - timeout-minutes: 5 - run: | - set -eu - docker compose up --abort-on-container-exit --exit-code-from selenium - docker compose rm -fsv - - name: test node_dump - run: | - CID=$(docker run -d -P $_EMQX_DOCKER_IMAGE_TAG) - docker exec -t -u root -w /root $CID bash -c 'apt-get -y update && apt-get -y install net-tools' - docker exec -t -u root $CID node_dump - docker rm -f $CID - - name: push images - if: inputs.publish || github.repository_owner != 'emqx' - run: | - for tag in $(cat .emqx_docker_image_tags); do - echo "Pushing tag $tag" - docker push $tag - done + - name: push images + if: inputs.publish || github.repository_owner != 'emqx' + run: | + for tag in $(cat .emqx_docker_image_tags); do + docker push $tag + done diff --git a/.github/workflows/build_docker_for_test.yaml b/.github/workflows/build_docker_for_test.yaml index ccff642f9..91e5d64fa 100644 --- a/.github/workflows/build_docker_for_test.yaml +++ b/.github/workflows/build_docker_for_test.yaml @@ -47,17 +47,17 @@ jobs: id: build run: | make ${EMQX_NAME}-docker - echo "EMQX_IMAGE_TAG=$(cat .docker_image_tag)" >> $GITHUB_ENV + echo "_EMQX_DOCKER_IMAGE_TAG=$(head -n 1 .emqx_docker_image_tags)" >> $GITHUB_ENV - name: smoke test run: | - CID=$(docker run -d --rm -P $EMQX_IMAGE_TAG) + CID=$(docker run -d --rm -P $_EMQX_DOCKER_IMAGE_TAG) HTTP_PORT=$(docker inspect --format='{{(index (index .NetworkSettings.Ports "18083/tcp") 0).HostPort}}' $CID) ./scripts/test/emqx-smoke-test.sh localhost $HTTP_PORT docker stop $CID - name: export docker image run: | - docker save $EMQX_IMAGE_TAG | gzip > $EMQX_NAME-docker-$PKG_VSN.tar.gz - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + docker save $_EMQX_DOCKER_IMAGE_TAG | gzip > $EMQX_NAME-docker-$PKG_VSN.tar.gz + - uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0 with: name: "${{ env.EMQX_NAME }}-docker" path: "${{ env.EMQX_NAME }}-docker-${{ env.PKG_VSN }}.tar.gz" diff --git a/.github/workflows/build_packages.yaml b/.github/workflows/build_packages.yaml index 0783af615..825c14302 100644 --- a/.github/workflows/build_packages.yaml +++ b/.github/workflows/build_packages.yaml @@ -12,7 +12,7 @@ on: type: string publish: required: true - type: string + type: boolean otp_vsn: required: true type: string @@ -203,7 +203,7 @@ jobs: needs: - mac - linux - if: inputs.publish == 'true' || inputs.publish + if: inputs.publish strategy: fail-fast: false matrix: diff --git a/.github/workflows/run_docker_tests.yaml b/.github/workflows/run_docker_tests.yaml index 9315ac815..7f73d48e8 100644 --- a/.github/workflows/run_docker_tests.yaml +++ b/.github/workflows/run_docker_tests.yaml @@ -43,8 +43,8 @@ jobs: path: /tmp - name: load docker image run: | - EMQX_IMAGE_TAG=$(docker load < /tmp/${EMQX_NAME}-docker-${PKG_VSN}.tar.gz 2>/dev/null | sed 's/Loaded image: //g') - echo "EMQX_IMAGE_TAG=$EMQX_IMAGE_TAG" >> $GITHUB_ENV + _EMQX_DOCKER_IMAGE_TAG=$(docker load < /tmp/${EMQX_NAME}-docker-${PKG_VSN}.tar.gz 2>/dev/null | sed 's/Loaded image: //g') + echo "_EMQX_DOCKER_IMAGE_TAG=$_EMQX_DOCKER_IMAGE_TAG" >> $GITHUB_ENV - name: dashboard tests working-directory: ./scripts/ui-tests run: | @@ -52,7 +52,7 @@ jobs: docker compose up --abort-on-container-exit --exit-code-from selenium - name: test two nodes cluster with proto_dist=inet_tls in docker run: | - ./scripts/test/start-two-nodes-in-docker.sh -P $EMQX_IMAGE_TAG $EMQX_IMAGE_OLD_VERSION_TAG + ./scripts/test/start-two-nodes-in-docker.sh -P $_EMQX_DOCKER_IMAGE_TAG $EMQX_IMAGE_OLD_VERSION_TAG HTTP_PORT=$(docker inspect --format='{{(index (index .NetworkSettings.Ports "18083/tcp") 0).HostPort}}' haproxy) ./scripts/test/emqx-smoke-test.sh localhost $HTTP_PORT ./scripts/test/start-two-nodes-in-docker.sh -c @@ -113,4 +113,4 @@ jobs: - name: test node_dump run: | docker exec -t -u root node1.emqx.io bash -c 'apt-get -y update && apt-get -y install net-tools' - docker exec node1.emqx.io node_dump + docker exec -t -u root node1.emqx.io node_dump diff --git a/build b/build index 731d0f331..4f64c347d 100755 --- a/build +++ b/build @@ -404,7 +404,7 @@ make_docker() { local EMQX_BUILDER=${EMQX_BUILDER:-ghcr.io/emqx/emqx-builder/${EMQX_BUILDER_VERSION}:${EMQX_BUILDER_ELIXIR}-${EMQX_BUILDER_OTP}-${EMQX_BUILDER_PLATFORM}} local EMQX_RUNNER="${EMQX_RUNNER:-${EMQX_DEFAULT_RUNNER}}" local EMQX_DOCKERFILE="${EMQX_DOCKERFILE:-deploy/docker/Dockerfile}" - local PKG_VSN="${PKG_VSN:-$(./pkg-vsn.sh)}" + local EMQX_SOURCE_TYPE="${EMQX_SOURCE_TYPE:-src}" # shellcheck disable=SC2155 local VSN_MAJOR="$(scripts/semver.sh "$PKG_VSN" --major)" # shellcheck disable=SC2155 @@ -416,8 +416,14 @@ make_docker() { SUFFIX="-elixir" fi local DOCKER_REGISTRY="${DOCKER_REGISTRY:-docker.io}" + local DOCKER_REGISTRIES=( ) + IFS=',' read -ra DOCKER_REGISTRY_ARR <<< "$DOCKER_REGISTRY" + for r in "${DOCKER_REGISTRY_ARR[@]}"; do + # append to DOCKER_REGISTRIES + DOCKER_REGISTRIES+=("$r") + done local DOCKER_ORG="${DOCKER_ORG:-emqx}" - local EMQX_BASE_DOCKER_TAG="${DOCKER_REGISTRY}/${DOCKER_ORG}/${PROFILE%%-elixir}" + local EMQX_BASE_DOCKER_TAG="${DOCKER_ORG}/${PROFILE%%-elixir}" local default_tag="${EMQX_BASE_DOCKER_TAG}:${PKG_VSN}${SUFFIX}" local EMQX_IMAGE_TAG="${EMQX_IMAGE_TAG:-$default_tag}" local EDITION=Opensource @@ -442,11 +448,14 @@ make_docker() { local DOCKER_BUILDX_ARGS=( --build-arg BUILD_FROM="${EMQX_BUILDER}" \ --build-arg RUN_FROM="${EMQX_RUNNER}" \ - --build-arg EMQX_NAME="${PROFILE}" \ + --build-arg SOURCE_TYPE="${EMQX_SOURCE_TYPE}" \ + --build-arg PROFILE="${PROFILE%%-elixir}" \ + --build-arg IS_ELIXIR="$([[ "$PROFILE" = *-elixir ]] && echo yes || echo no)" \ + --build-arg SUFFIX="${SUFFIX}" \ --build-arg EXTRA_DEPS="${EXTRA_DEPS}" \ --build-arg PKG_VSN="${PKG_VSN}" \ --file "${EMQX_DOCKERFILE}" \ - --label org.opencontainers.image.title="${PROFILE}" \ + --label org.opencontainers.image.title="${PROFILE%%-elixir}" \ --label org.opencontainers.image.edition="${EDITION}" \ --label org.opencontainers.image.version="${PKG_VSN}" \ --label org.opencontainers.image.revision="${GIT_REVISION}" \ @@ -457,15 +466,12 @@ make_docker() { --label org.opencontainers.image.documentation="${DOCUMENTATION_URL}" \ --label org.opencontainers.image.licenses="${LICENSE}" \ --label org.opencontainers.image.otp.version="${EMQX_BUILDER_OTP}" \ - --tag "${EMQX_IMAGE_TAG}" \ --pull ) :> ./.emqx_docker_image_tags for r in "${DOCKER_REGISTRIES[@]}"; do - if ! is_ecr_and_enterprise "$r" "$PROFILE"; then - DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_IMAGE_TAG}") - echo "$r/${EMQX_IMAGE_TAG}" >> ./.emqx_docker_image_tags - fi + DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_IMAGE_TAG}") + echo "$r/${EMQX_IMAGE_TAG}" >> ./.emqx_docker_image_tags done if [ "${DOCKER_BUILD_NOCACHE:-false}" = true ]; then DOCKER_BUILDX_ARGS+=(--no-cache) @@ -475,14 +481,12 @@ make_docker() { fi if [ "${DOCKER_LATEST:-false}" = true ]; then for r in "${DOCKER_REGISTRIES[@]}"; do - if ! is_ecr_and_enterprise "$r" "$PROFILE"; then - DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_BASE_DOCKER_TAG}:latest${SUFFIX}") - echo "$r/${EMQX_BASE_DOCKER_TAG}:latest${SUFFIX}" >> ./.emqx_docker_image_tags - DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}${SUFFIX}") - echo "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}${SUFFIX}" >> ./.emqx_docker_image_tags - DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}.${VSN_PATCH}${SUFFIX}") - echo "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}.${VSN_PATCH}${SUFFIX}" >> ./.emqx_docker_image_tags - fi + DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_BASE_DOCKER_TAG}:latest${SUFFIX}") + echo "$r/${EMQX_BASE_DOCKER_TAG}:latest${SUFFIX}" >> ./.emqx_docker_image_tags + DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}${SUFFIX}") + echo "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}${SUFFIX}" >> ./.emqx_docker_image_tags + DOCKER_BUILDX_ARGS+=(--tag "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}.${VSN_PATCH}${SUFFIX}") + echo "$r/${EMQX_BASE_DOCKER_TAG}:${VSN_MAJOR}.${VSN_MINOR}.${VSN_PATCH}${SUFFIX}" >> ./.emqx_docker_image_tags done fi if [ "${DOCKER_PLATFORMS:-default}" != 'default' ]; then @@ -491,6 +495,9 @@ make_docker() { if [ "${DOCKER_PUSH:-false}" = true ]; then DOCKER_BUILDX_ARGS+=(--push) fi + if [ "${DOCKER_LOAD:-false}" = true ]; then + DOCKER_BUILDX_ARGS+=(--load) + fi if [ -d "${REBAR_GIT_CACHE_DIR:-}" ]; then cache_tar="$(pwd)/rebar-git-cache.tar" if [ ! -f "${cache_tar}" ]; then @@ -516,9 +523,8 @@ make_docker() { echo 'lux_logs/' echo '_upgrade_base/' } >> ./.dockerignore - echo "Docker build args: ${DOCKER_BUILDX_ARGS[*]}" + echo "Docker buildx args: ${DOCKER_BUILDX_ARGS[*]}" docker buildx build "${DOCKER_BUILDX_ARGS[@]}" . - echo "${EMQX_IMAGE_TAG}" > ./.docker_image_tag } function join { diff --git a/deploy/docker/Dockerfile b/deploy/docker/Dockerfile index b86220334..47e815215 100644 --- a/deploy/docker/Dockerfile +++ b/deploy/docker/Dockerfile @@ -1,35 +1,43 @@ ARG BUILD_FROM=ghcr.io/emqx/emqx-builder/5.3-2:1.15.7-26.2.1-2-debian11@sha256:48b62a5636bd6bc59688fc98a498401fccf456fa63d843aa0b7279f3bc20b22e ARG RUN_FROM=public.ecr.aws/debian/debian:11-slim@sha256:22cfb3c06a7dd5e18d86123a73405664475b9d9fa209cbedcf4c50a25649cc74 -FROM ${BUILD_FROM} AS builder +ARG SOURCE_TYPE=src # tgz + +FROM ${BUILD_FROM} as builder_src +ONBUILD COPY . /emqx + +FROM ${BUILD_FROM} as builder_tgz +ARG PROFILE=emqx +ARG PKG_VSN +ARG SUFFIX +ARG TARGETARCH +ONBUILD COPY ${PROFILE}-${PKG_VSN}${SUFFIX}-debian11-$TARGETARCH.tar.gz /${PROFILE}.tar.gz + +FROM builder_${SOURCE_TYPE} as builder + +ARG PROFILE=emqx +ARG IS_ELIXIR=no ARG DEBUG=0 -COPY . /emqx - -ARG EMQX_NAME=emqx -ARG PKG_VSN - ENV EMQX_RELUP=false -ENV DEBUG=${DEBUG} ENV EMQX_REL_FORM='docker' WORKDIR /emqx/ -RUN git config --global --add safe.directory '*' - -RUN if [ -f rebar-git-cache.tar ]; then \ +RUN mkdir -p /emqx-rel/emqx && \ + if [ -f "/${PROFILE}.tar.gz" ]; then \ + tar zxf "/${PROFILE}.tar.gz" -C /emqx-rel/emqx; \ + else \ + if [ -f rebar-git-cache.tar ]; then \ mkdir .cache && \ tar -xf rebar-git-cache.tar -C .cache && \ export REBAR_GIT_CACHE_DIR='/emqx/.cache' && \ - export REBAR_GIT_CACHE_REF_AUTOFILL=0 ;\ - fi \ - && export PROFILE=${EMQX_NAME%%-elixir} \ - && export EMQX_NAME1="${EMQX_NAME}" \ - && export EMQX_NAME=${PROFILE} \ - && export EMQX_REL_PATH="/emqx/_build/${EMQX_NAME}/rel/emqx" \ - && make ${EMQX_NAME1} \ - && rm -f ${EMQX_REL_PATH}/*.tar.gz \ - && mkdir -p /emqx-rel \ - && mv ${EMQX_REL_PATH} /emqx-rel + export REBAR_GIT_CACHE_REF_AUTOFILL=0; \ + fi && \ + export EMQX_REL_PATH="/emqx/_build/${PROFILE}/rel/emqx" && \ + git config --global --add safe.directory '*' && \ + make ${PROFILE}-tgz && \ + tar zxf _packages/${PROFILE}/*.tar.gz -C /emqx-rel/emqx; \ + fi FROM $RUN_FROM ARG EXTRA_DEPS='' @@ -39,21 +47,21 @@ ENV LC_ALL=C.UTF-8 ENV LANG=C.UTF-8 COPY deploy/docker/docker-entrypoint.sh /usr/bin/ -COPY --from=builder /emqx-rel/emqx /opt/emqx - -RUN ln -s /opt/emqx/bin/* /usr/local/bin/ - -RUN apt-get update; \ - apt-get install -y --no-install-recommends ca-certificates procps $(echo "${EXTRA_DEPS}" | tr ',' ' '); \ - rm -rf /var/lib/apt/lists/* +COPY --from=builder /emqx-rel /opt/ WORKDIR /opt/emqx -RUN groupadd -r -g 1000 emqx; \ +RUN set -eu; \ + apt-get update; \ + apt-get install -y --no-install-recommends ca-certificates procps $(echo "${EXTRA_DEPS}" | tr ',' ' '); \ + find /opt/emqx -name 'swagger*.js.map' -exec rm {} +; \ + groupadd -r -g 1000 emqx; \ useradd -r -m -u 1000 -g emqx emqx; \ chgrp -Rf emqx /opt/emqx; \ chmod -Rf g+w /opt/emqx; \ - chown -Rf emqx /opt/emqx + chown -Rf emqx /opt/emqx; \ + ln -s /opt/emqx/bin/* /usr/local/bin/; \ + rm -rf /var/lib/apt/lists/* USER emqx diff --git a/deploy/docker/docker-entrypoint.sh b/deploy/docker/docker-entrypoint.sh index 056f0675f..348880d7e 100755 --- a/deploy/docker/docker-entrypoint.sh +++ b/deploy/docker/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -## EMQ docker image start script +## EMQX docker image start script if [[ -n "$DEBUG" ]]; then set -ex diff --git a/scripts/ui-tests/docker-compose.yaml b/scripts/ui-tests/docker-compose.yaml index 538db5ca8..f5a66ab33 100644 --- a/scripts/ui-tests/docker-compose.yaml +++ b/scripts/ui-tests/docker-compose.yaml @@ -2,7 +2,7 @@ version: '3.9' services: emqx: - image: ${EMQX_IMAGE_TAG:-emqx/emqx:latest} + image: ${_EMQX_DOCKER_IMAGE_TAG:-emqx/emqx:latest} environment: EMQX_DASHBOARD__DEFAULT_PASSWORD: admin From 624e0235904c9b8224a6847a6c765eba315d19e2 Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Wed, 14 Feb 2024 15:25:08 +0100 Subject: [PATCH 10/15] ci(docker): use lightweight image when building from tar.gz --- deploy/docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/docker/Dockerfile b/deploy/docker/Dockerfile index 47e815215..88e05dcad 100644 --- a/deploy/docker/Dockerfile +++ b/deploy/docker/Dockerfile @@ -5,7 +5,7 @@ ARG SOURCE_TYPE=src # tgz FROM ${BUILD_FROM} as builder_src ONBUILD COPY . /emqx -FROM ${BUILD_FROM} as builder_tgz +FROM ${RUN_FROM} as builder_tgz ARG PROFILE=emqx ARG PKG_VSN ARG SUFFIX From 9c0ab450a0452781ae7d7cfeb5829a2fad6d56e9 Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Wed, 14 Feb 2024 16:54:03 +0100 Subject: [PATCH 11/15] ci(docker): use correct tag for smoke test --- .github/workflows/build_and_push_docker_images.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_and_push_docker_images.yaml b/.github/workflows/build_and_push_docker_images.yaml index 166c5bc74..0c123b0c1 100644 --- a/.github/workflows/build_and_push_docker_images.yaml +++ b/.github/workflows/build_and_push_docker_images.yaml @@ -182,7 +182,7 @@ jobs: timeout-minutes: 1 run: | for tag in $(cat .emqx_docker_image_tags); do - CID=$(docker run -d -P $_EMQX_DOCKER_IMAGE_TAG) + CID=$(docker run -d -P $tag) HTTP_PORT=$(docker inspect --format='{{(index (index .NetworkSettings.Ports "18083/tcp") 0).HostPort}}' $CID) ./scripts/test/emqx-smoke-test.sh localhost $HTTP_PORT docker rm -f $CID From d9c982d850dedd491723f4629ce3d969e0f9cb60 Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Tue, 5 Mar 2024 10:53:58 +0100 Subject: [PATCH 12/15] ci: do not push emqx-enterprise docker images to public.ecr.aws --- .github/workflows/build_and_push_docker_images.yaml | 13 ++++++++----- build | 10 ---------- 2 files changed, 8 insertions(+), 15 deletions(-) diff --git a/.github/workflows/build_and_push_docker_images.yaml b/.github/workflows/build_and_push_docker_images.yaml index 0c123b0c1..89b5835c1 100644 --- a/.github/workflows/build_and_push_docker_images.yaml +++ b/.github/workflows/build_and_push_docker_images.yaml @@ -112,8 +112,8 @@ jobs: fail-fast: false matrix: profile: - - ${{ inputs.profile }} - - ${{ inputs.profile }}-elixir + - ["${{ inputs.profile }}", "${{ inputs.profile == 'emqx' && 'docker.io,public.ecr.aws' || 'docker.io' }}"] + - ["${{ inputs.profile }}-elixir", "${{ inputs.profile == 'emqx' && 'docker.io,public.ecr.aws' || 'docker.io' }}"] steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 @@ -121,7 +121,7 @@ jobs: ref: ${{ github.event.inputs.ref }} - uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 with: - pattern: "${{ matrix.profile }}-*.tar.gz" + pattern: "${{ matrix.profile[0] }}-*.tar.gz" path: _packages merge-multiple: true @@ -158,8 +158,8 @@ jobs: - name: Build docker image env: - PROFILE: ${{ matrix.profile }} - DOCKER_REGISTRY: 'docker.io,public.ecr.aws' + PROFILE: ${{ matrix.profile[0] }} + DOCKER_REGISTRY: ${{ matrix.profile[1] }} DOCKER_ORG: ${{ github.repository_owner }} DOCKER_LATEST: ${{ inputs.latest }} DOCKER_PUSH: false @@ -175,7 +175,10 @@ jobs: EMQX_SOURCE_TYPE: tgz run: | ./build ${PROFILE} docker + echo "Built tags:" + echo "===========" cat .emqx_docker_image_tags + echo "===========" echo "_EMQX_DOCKER_IMAGE_TAG=$(head -n 1 .emqx_docker_image_tags)" >> $GITHUB_ENV - name: smoke test diff --git a/build b/build index 4f64c347d..84db305b7 100755 --- a/build +++ b/build @@ -385,16 +385,6 @@ docker_cleanup() { [ -f ./.dockerignore.bak ] && mv ./.dockerignore.bak ./.dockerignore >/dev/null || true } -function is_ecr_and_enterprise() { - local registry="$1" - local profile="$2" - if [[ "$registry" == public.ecr.aws* ]] && [[ "$profile" == *enterprise* ]]; then - return 0 - else - return 1 - fi -} - ## Build the default docker image based on debian 11. make_docker() { local EMQX_BUILDER_VERSION="${EMQX_BUILDER_VERSION:-5.3-2}" From acb6b5a0d2567e7cf5b031665c3431c81a06f052 Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Tue, 5 Mar 2024 10:55:05 +0100 Subject: [PATCH 13/15] chore: 5.5.1-rc.4 --- apps/emqx/include/emqx_release.hrl | 4 ++-- changes/e5.5.1.en.md | 2 +- changes/v5.5.1.en.md | 2 +- deploy/charts/emqx-enterprise/Chart.yaml | 4 ++-- deploy/charts/emqx/Chart.yaml | 4 ++-- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/apps/emqx/include/emqx_release.hrl b/apps/emqx/include/emqx_release.hrl index 655cd77d9..3ec5ca6a5 100644 --- a/apps/emqx/include/emqx_release.hrl +++ b/apps/emqx/include/emqx_release.hrl @@ -32,10 +32,10 @@ %% `apps/emqx/src/bpapi/README.md' %% Opensource edition --define(EMQX_RELEASE_CE, "5.5.1-rc.3"). +-define(EMQX_RELEASE_CE, "5.5.1-rc.4"). %% Enterprise edition --define(EMQX_RELEASE_EE, "5.5.1-rc.3"). +-define(EMQX_RELEASE_EE, "5.5.1-rc.4"). %% The HTTP API version -define(EMQX_API_VERSION, "5.0"). diff --git a/changes/e5.5.1.en.md b/changes/e5.5.1.en.md index 8077160d2..3f9a50ebb 100644 --- a/changes/e5.5.1.en.md +++ b/changes/e5.5.1.en.md @@ -22,7 +22,7 @@ - [#12606](https://github.com/emqx/emqx/pull/12606) The Prometheus API experienced crashes when the specified SSL certificate file did not exist in the given path. Now, when an SSL certificate file is missing, the `emqx_cert_expiry_at` metric will report a value of 0, indicating the non-existence of the certificate. -- [#12620](https://github.com/emqx/emqx/pull/12620) Fixed an issue when sensitive headers for HTTP connector may be printed in the `debug` level log. +- [#12620](https://github.com/emqx/emqx/pull/12620) Redacted sensitive information in HTTP headers to exclude authentication and authorization credentials from `debug` level logs in the HTTP Server connector, mitigating potential security risks. - [#12632](https://github.com/emqx/emqx/pull/12632) Fixed an issue where the rule engine's SQL built-in function `date_to_unix_ts` produced incorrect results for dates starting from March 1st on leap years. diff --git a/changes/v5.5.1.en.md b/changes/v5.5.1.en.md index d25349ccd..2555d0c36 100644 --- a/changes/v5.5.1.en.md +++ b/changes/v5.5.1.en.md @@ -18,7 +18,7 @@ - [#12606](https://github.com/emqx/emqx/pull/12606) The Prometheus API experienced crashes when the specified SSL certificate file did not exist in the given path. Now, when an SSL certificate file is missing, the `emqx_cert_expiry_at` metric will report a value of 0, indicating the non-existence of the certificate. -- [#12620](https://github.com/emqx/emqx/pull/12620) Fixed an issue when sensitive headers for HTTP connector may be printed in the `debug` level log. +- [#12620](https://github.com/emqx/emqx/pull/12620) Redacted sensitive information in HTTP headers to exclude authentication and authorization credentials from `debug` level logs in the HTTP Server connector, mitigating potential security risks. - [#12632](https://github.com/emqx/emqx/pull/12632) Fixed an issue where the rule engine's SQL built-in function `date_to_unix_ts` produced incorrect results for dates starting from March 1st on leap years. diff --git a/deploy/charts/emqx-enterprise/Chart.yaml b/deploy/charts/emqx-enterprise/Chart.yaml index e75a8d346..054ca4c32 100644 --- a/deploy/charts/emqx-enterprise/Chart.yaml +++ b/deploy/charts/emqx-enterprise/Chart.yaml @@ -14,8 +14,8 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 5.5.1-rc.3 +version: 5.5.1-rc.4 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 5.5.1-rc.3 +appVersion: 5.5.1-rc.4 diff --git a/deploy/charts/emqx/Chart.yaml b/deploy/charts/emqx/Chart.yaml index 7c33555f1..78e02af81 100644 --- a/deploy/charts/emqx/Chart.yaml +++ b/deploy/charts/emqx/Chart.yaml @@ -14,8 +14,8 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 5.5.1-rc.3 +version: 5.5.1-rc.4 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 5.5.1-rc.3 +appVersion: 5.5.1-rc.4 From 58be029ead83868140337139e0465bedb2e0d23e Mon Sep 17 00:00:00 2001 From: zmstone Date: Wed, 6 Mar 2024 09:50:13 +0100 Subject: [PATCH 14/15] chore: bump version to 5.5.1 --- apps/emqx/include/emqx_release.hrl | 4 ++-- deploy/charts/emqx-enterprise/Chart.yaml | 4 ++-- deploy/charts/emqx/Chart.yaml | 4 ++-- scripts/git-hook-pre-commit.sh | 4 ++++ 4 files changed, 10 insertions(+), 6 deletions(-) diff --git a/apps/emqx/include/emqx_release.hrl b/apps/emqx/include/emqx_release.hrl index 3ec5ca6a5..d35df9c92 100644 --- a/apps/emqx/include/emqx_release.hrl +++ b/apps/emqx/include/emqx_release.hrl @@ -32,10 +32,10 @@ %% `apps/emqx/src/bpapi/README.md' %% Opensource edition --define(EMQX_RELEASE_CE, "5.5.1-rc.4"). +-define(EMQX_RELEASE_CE, "5.5.1"). %% Enterprise edition --define(EMQX_RELEASE_EE, "5.5.1-rc.4"). +-define(EMQX_RELEASE_EE, "5.5.1"). %% The HTTP API version -define(EMQX_API_VERSION, "5.0"). diff --git a/deploy/charts/emqx-enterprise/Chart.yaml b/deploy/charts/emqx-enterprise/Chart.yaml index 054ca4c32..014a37fd6 100644 --- a/deploy/charts/emqx-enterprise/Chart.yaml +++ b/deploy/charts/emqx-enterprise/Chart.yaml @@ -14,8 +14,8 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 5.5.1-rc.4 +version: 5.5.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 5.5.1-rc.4 +appVersion: 5.5.1 diff --git a/deploy/charts/emqx/Chart.yaml b/deploy/charts/emqx/Chart.yaml index 78e02af81..8b60276ed 100644 --- a/deploy/charts/emqx/Chart.yaml +++ b/deploy/charts/emqx/Chart.yaml @@ -14,8 +14,8 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 5.5.1-rc.4 +version: 5.5.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 5.5.1-rc.4 +appVersion: 5.5.1 diff --git a/scripts/git-hook-pre-commit.sh b/scripts/git-hook-pre-commit.sh index aeb8186cf..ab9aeb5d4 100755 --- a/scripts/git-hook-pre-commit.sh +++ b/scripts/git-hook-pre-commit.sh @@ -2,6 +2,10 @@ set -euo pipefail +if [ -n "$FORCE" ]; then + exit 0 +fi + OPT="${1:--c}" # mix format check is quite fast From f57f2fa1b736a47333da1f901dab0c7d59b971dc Mon Sep 17 00:00:00 2001 From: zmstone Date: Wed, 6 Mar 2024 19:37:06 +0100 Subject: [PATCH 15/15] chore: bump app version numbers --- apps/emqx/src/emqx.app.src | 2 +- apps/emqx_bridge_http/src/emqx_bridge_http.app.src | 2 +- apps/emqx_bridge_iotdb/src/emqx_bridge_iotdb.app.src | 2 +- apps/emqx_connector/src/emqx_connector.app.src | 2 +- apps/emqx_management/src/emqx_management.app.src | 2 +- apps/emqx_prometheus/src/emqx_prometheus.app.src | 2 +- apps/emqx_utils/src/emqx_utils.app.src | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/apps/emqx/src/emqx.app.src b/apps/emqx/src/emqx.app.src index b1872e0d4..1d8c55fe9 100644 --- a/apps/emqx/src/emqx.app.src +++ b/apps/emqx/src/emqx.app.src @@ -2,7 +2,7 @@ {application, emqx, [ {id, "emqx"}, {description, "EMQX Core"}, - {vsn, "5.1.20"}, + {vsn, "5.2.0"}, {modules, []}, {registered, []}, {applications, [ diff --git a/apps/emqx_bridge_http/src/emqx_bridge_http.app.src b/apps/emqx_bridge_http/src/emqx_bridge_http.app.src index 0876d5737..681095a08 100644 --- a/apps/emqx_bridge_http/src/emqx_bridge_http.app.src +++ b/apps/emqx_bridge_http/src/emqx_bridge_http.app.src @@ -1,6 +1,6 @@ {application, emqx_bridge_http, [ {description, "EMQX HTTP Bridge and Connector Application"}, - {vsn, "0.2.3"}, + {vsn, "0.2.4"}, {registered, []}, {applications, [kernel, stdlib, emqx_resource, ehttpc]}, {env, [{emqx_action_info_modules, [emqx_bridge_http_action_info]}]}, diff --git a/apps/emqx_bridge_iotdb/src/emqx_bridge_iotdb.app.src b/apps/emqx_bridge_iotdb/src/emqx_bridge_iotdb.app.src index 86d2a93b3..b666beeed 100644 --- a/apps/emqx_bridge_iotdb/src/emqx_bridge_iotdb.app.src +++ b/apps/emqx_bridge_iotdb/src/emqx_bridge_iotdb.app.src @@ -1,7 +1,7 @@ %% -*- mode: erlang -*- {application, emqx_bridge_iotdb, [ {description, "EMQX Enterprise Apache IoTDB Bridge"}, - {vsn, "0.1.6"}, + {vsn, "0.1.7"}, {modules, [ emqx_bridge_iotdb, emqx_bridge_iotdb_connector diff --git a/apps/emqx_connector/src/emqx_connector.app.src b/apps/emqx_connector/src/emqx_connector.app.src index 4622e41bb..9366d0bbc 100644 --- a/apps/emqx_connector/src/emqx_connector.app.src +++ b/apps/emqx_connector/src/emqx_connector.app.src @@ -1,7 +1,7 @@ %% -*- mode: erlang -*- {application, emqx_connector, [ {description, "EMQX Data Integration Connectors"}, - {vsn, "0.1.39"}, + {vsn, "0.2.0"}, {registered, []}, {mod, {emqx_connector_app, []}}, {applications, [ diff --git a/apps/emqx_management/src/emqx_management.app.src b/apps/emqx_management/src/emqx_management.app.src index ad9e12b90..bd596ffd4 100644 --- a/apps/emqx_management/src/emqx_management.app.src +++ b/apps/emqx_management/src/emqx_management.app.src @@ -2,7 +2,7 @@ {application, emqx_management, [ {description, "EMQX Management API and CLI"}, % strict semver, bump manually! - {vsn, "5.0.38"}, + {vsn, "5.1.0"}, {modules, []}, {registered, [emqx_management_sup]}, {applications, [ diff --git a/apps/emqx_prometheus/src/emqx_prometheus.app.src b/apps/emqx_prometheus/src/emqx_prometheus.app.src index b8c3d8790..32c9c102c 100644 --- a/apps/emqx_prometheus/src/emqx_prometheus.app.src +++ b/apps/emqx_prometheus/src/emqx_prometheus.app.src @@ -2,7 +2,7 @@ {application, emqx_prometheus, [ {description, "Prometheus for EMQX"}, % strict semver, bump manually! - {vsn, "5.0.20"}, + {vsn, "5.1.0"}, {modules, []}, {registered, [emqx_prometheus_sup]}, {applications, [kernel, stdlib, prometheus, emqx, emqx_auth, emqx_resource, emqx_management]}, diff --git a/apps/emqx_utils/src/emqx_utils.app.src b/apps/emqx_utils/src/emqx_utils.app.src index 8fdade473..9e2f77d71 100644 --- a/apps/emqx_utils/src/emqx_utils.app.src +++ b/apps/emqx_utils/src/emqx_utils.app.src @@ -2,7 +2,7 @@ {application, emqx_utils, [ {description, "Miscellaneous utilities for EMQX apps"}, % strict semver, bump manually! - {vsn, "5.0.16"}, + {vsn, "5.1.0"}, {modules, [ emqx_utils, emqx_utils_api,