Merge pull request #13197 from keynslug/fix/EMQX-12522/conv-ssl

fix(bridge-s3): pass SSL options through `convert_certs/2`

apps/emqx_bridge_s3/src/emqx_bridge_s3.app.src

@@ -1,6 +1,6 @@
 {application, emqx_bridge_s3, [
     {description, "EMQX Enterprise S3 Bridge"},
-    {vsn, "0.1.1"},
+    {vsn, "0.1.2"},
     {registered, []},
     {applications, [
         kernel,

apps/emqx_bridge_s3/src/emqx_bridge_s3.erl

@@ -22,6 +22,10 @@
     connector_examples/1
 ]).
 
+-export([
+    pre_config_update/4
+]).
+
 %%-------------------------------------------------------------------------------------------------
 %% `hocon_schema' API
 %%-------------------------------------------------------------------------------------------------
@@ -110,3 +114,15 @@ connector_example(put) ->
             enable_pipelining => 1
         }
     }.
+
+%% Config update
+
+pre_config_update(Path, _Name, Conf = #{<<"transport_options">> := TransportOpts}, _ConfOld) ->
+    case emqx_connector_ssl:convert_certs(filename:join(Path), TransportOpts) of
+        {ok, NTransportOpts} ->
+            {ok, Conf#{<<"transport_options">> := NTransportOpts}};
+        {error, {bad_ssl_config, Error}} ->
+            {error, Error#{reason => <<"bad_ssl_config">>}}
+    end;
+pre_config_update(_Path, _Name, Conf, _ConfOld) ->
+    {ok, Conf}.

apps/emqx_connector/src/emqx_connector.erl

@@ -126,19 +126,28 @@ pre_config_update([?ROOT_KEY, _Type, _Name], Oper, OldConfig) when
 ->
     %% to save the 'enable' to the config files
     {ok, OldConfig#{<<"enable">> => operation_to_enable(Oper)}};
-pre_config_update([?ROOT_KEY, _Type, Name] = Path, Conf = #{}, _OldConfig) ->
+pre_config_update([?ROOT_KEY, _Type, Name] = Path, Conf = #{}, ConfOld) ->
     case validate_connector_name(Name) of
         ok ->
             case emqx_connector_ssl:convert_certs(filename:join(Path), Conf) of
-                {error, Reason} ->
-                    {error, Reason};
                 {ok, ConfNew} ->
-                    {ok, ConfNew}
+                    connector_pre_config_update(Path, ConfNew, ConfOld);
+                {error, Reason} ->
+                    {error, Reason}
             end;
         Error ->
             Error
     end.
 
+connector_pre_config_update([?ROOT_KEY, Type, Name] = Path, ConfNew, ConfOld) ->
+    Mod = emqx_connector_info:config_transform_module(Type),
+    case Mod =/= undefined andalso erlang:function_exported(Mod, pre_config_update, 4) of
+        true ->
+            apply(Mod, pre_config_update, [Path, Name, ConfNew, ConfOld]);
+        false ->
+            {ok, ConfNew}
+    end.
+
 operation_to_enable(disable) -> false;
 operation_to_enable(enable) -> true.
 

changes/ee/fix-13197.en.md

@@ -0,0 +1 @@
+Fixed an issue with S3 Bridge that prevented automatic saving of TLS certificates and key files to the file system, when they are supplied through the Dashboard UI or Connector API.