⬆️ Update emqx/emqx to v5.8.0

[renovate]

This PR contains the following updates:

Package	Update	Change
emqx/emqx	minor	v5.7.2 -> v5.8.0

---

Release Notes

emqx/emqx (emqx/emqx)

v5.8.0: EMQX v5.8.0

Compare Source

Enhancements

Core MQTT Functionality

• #​13009 Updated the log level for message receiving pause due to rate limiting from debug to warning. The log message socket_receive_paused_by_rate_limit is throttled to avoid excessive logging.

Authentication and Authorization

• #​12418 Enhanced JWT authentication to support claims verification using a list of objects:

  [
    {
      name = "claim_name",
      value = "${username}"
    },
    ...
  ]
  

  Expected values are now treated as templates, consistent with other authenticators, allowing for arbitrary expressions such as ${username} and ${clientid}. Previousy, only fixed "${username}" "${clientid}" values were supported for interpolation.

  Improved the documentation for the verify_claims parameter.

• #​13229 Added support for ${cert_pem} placeholder in authentication templates.

• #​13534 Added trace logging to indicate when the superuser bypasses the authorization check.

Data Integrations

• #​13144 Changed the log level to warning and added throttling for the log message data_bridge_buffer_overflow when bridge buffers overflow and messages are dropped. Previously, these events were logged at the info level and were not visible with the default log settings.

• #​13492 Enhanced the GET /connectors and GET /connectors/:id APIs to include lists of actions and sources that depend on a specific connector. Additionally, the GET /actions, GET /sources, GET /actions/:id, and GET /sources/:id APIs now return the list of rules associated with a specific action or source.

• #​13505 Added the ability to filter rules in the HTTP API based on the IDs of data integration actions or sources used.

• #​13506 Introduced the peername field to all rule engine events that already include the peerhost field. The peername field is a string formatted as IP:PORT.

• #​13516 Added a direct_dispatch argument to the republish action.

  When direct_dispatch is set to true (or rendered as true from template) the message is dispatched directly to subscribers. This feature helps prevent the triggering of additional rules or the recursive activation of the same rule.

• #​13573 Introduced client_attrs to the SQL context for client connectivity events and the message publish event.
  Users can now access client attributes within rule SQL statements, such as SELECT client_attrs.attr1 AS attribute1, and utilize ${attribute1} in data integration actions.

• #​13640 Added two new SQL functions for rules: coalesce/2 and coalesce_ne/2.

  These functions simplify handling null values in rule SQL expressions. For instance, instead of using:

  SELECT
    CASE
      WHEN is_null(payload.path.to.value) THEN
        0
      ELSE
        payload.path.to.value
    END AS my_value
  

  you can now write a more concise expression: SELECT coalesce(payload.path.to.value, 0) AS my_value.

Operations

• #​13202 Introduced the emqx ctl conf cluster_sync fix command to address cluster configuration inconsistencies. This command synchronizes the configuration of all nodes with the configuration of the node that has the highest tnx_id, ensuring consistency across the cluster.

• #​13250 Added a new value for cluster.discovery_strategy: singleton. By choosing this option, there will be effectively no clustering, and the node will reject connection attempts to and from other nodes.

• #​13370 Added a new version of wildcard_optimized storage layout for durable storage, offering the following improvements:

  • The new layout does not have an inherent latency.

  • MQTT messages are serialized into a more space-efficient format.

• #​13524 Added the emqx ctl exclusive CLI interface to manage exclusive topics more effectively. It allows administrators to better manage and troubleshoot exclusive topic subscriptions, ensuring that subscription states are accurately reflected and preventing unexpected failures.

• #​13597 Added thin wrapper functions for plugins to store and manage the certificate files used by the plugins themselves. This fix prevents plugin certificates from being inadvertently deleted by the certificate garbage collection (GC) function.

• #​13626 Added a new command emqx ctl listeners enable <Identifier> <Bool> to enable/disable a listener.

• #​13493 Upgraded the RPC library gen_rpc to version 3.4.0. This update changes the default RPC server socket option from true to active-100, which introduces back-pressure to peer nodes when the RPC server experiences heavy load.

• #​13665 Added a new metric emqx_actions_count to the prometheus endpoint. It contains the number of all actions added by all rules, including Republish actions and Console Output actions.

Bug Fixes

Core MQTT Functionality

• #​12944 Fixed an issue that caused a crash when clients with non-UTF8 client IDs attempted to connect with strict_mode=false.

• #​13006 Improved the validation of retained, delayed, and taken-over session messages to ensure they comply with banned client ID rules implemented through regular expression matching. Previously, certain messages, such as those delayed due to network issues or taken over by another session, could bypass the client ID bans set by regular expressions.

Authentication and Authorization

• #​13024 Added a default ACL deny rule to reject subscriptions to the +/# topic pattern. Since EMQX by default rejects subscriptions to # topic, for completeness, it should reject +/# as well.

• #​13040 Improved HTTP authentication:

  • Improved error logging for cases where the HTTP Content-Type header is missing or unrecognized, providing more detailed information.
  • Fixed an issue causing double encoding of query parameters in authentication HTTP requests
  • Enhanced error messages when a POST method with a JSON content type is configured for authentication requests but the JSON template fails to render into valid JSON. This can occur, for example, when a template contains a placeholder like ${password} but receives a non-UTF8 password input, leading to better transparency and easier debugging for such scenarios.

• #​13196 Added a limit to the built-in authorization database, restricting the number of Access Control List (ACL) rules per client or user to a default of 100.

• #​13584 Fixed an issue with creating HTTP authorization that resulted in errors when the HTTP header list was empty.

• #​13618 Improved the type specifications for the authorization/sources endpoint to provide clearer and more concise error messages.

• #​13624 Fixed an issue in the built-in authorizer where updating rules for a client or user could result in the total number of rules exceeding the max_rules limit.

• #​13678 Made the deletion of an authenticator in the chain an idempotent operation, ensuring that deleting a non-existing authenticator always succeeds.

Data Integrations

• #​13207 Improved the republish rule engine action to accurately reflect the success and failure of message publishing. Previously, the success metrics were incremented even when the republish action failed to deliver the message to any subscribers. Now, if the action detects that a message fails to reach any subscriber, the failure metrics are correctly incremented.

• #​13425 Improved the MQTT connector error log messages to provide clearer and more detailed information.

• #​13589 Fixed an issue where creating a rule with a string "null" for ID via the HTTP API was allowed, which could lead to an inconsistent configuration.

Operations

• #​13078 Improved validation and error handling in the EMQX Management API to ensure that requests with a JSON body include the Content-Type: application/json header. If the header is missing for APIs that expect JSON input, the server now correctly responds with a 415 Unsupported Media Type status code instead of 400 Bad Request.

• #​13225 Enhanced security in authentication and authorization APIs by redacting sensitive data such as passwords. Previously, the APIs could return the original password values in responses. With this update, sensitive information is replaced with ****** to prevent accidental exposure and protect user credentials.

Gateways

• #​13607 Fixed an issue where the QoS level for CoAP subscriptions displayed through the API did not match the actual QoS level being used. This discrepancy could cause confusion as successful subscriptions were not accurately reflected on the Dashboard.

Breaking changes

• #​13080 Updated the default value of the mqtt.retry_interval configuration from 30 seconds to infinity.

  Previously, EMQX would automatically retry message deliveries every 30 seconds by default. With the new default set to infinity, EMQX will no longer retry message deliveries automatically. This change aligns with MQTT specification standards, which generally do not recommend in-session message delivery retries.

  We understand that some users rely on the retry feature, so the ability to configure a specific retry interval is still available for backward compatibility.

• #​13190 Discontinued support for releases on CentOS 7 and Ubuntu 18. EMQX will no longer provide builds for these operating systems due to their end-of-life status.

• #​13248 Replaced the builtin durable storage backend with two new backends to provide better flexibility and scalability:

  • builtin_local: A durable storage backend that does not support replication, making it suitable for single-node deployments. This backend is available in both the open-source and enterprise editions of EMQX but is not compatible with multi-node clusters.
  • builtin_raft: A durable storage backend utilizing the Raft consensus algorithm for data replication across multiple nodes. This backend is exclusively available in the enterprise edition of EMQX, providing enhanced data durability and fault tolerance.

  Additionally, several Prometheus metrics have been renamed to better reflect their functions:

  • emqx_ds_egress_batches has been renamed to emqx_ds_buffer_batches
  • emqx_ds_egress_batches_retry has been renamed to emqx_ds_buffer_batches_retry
  • emqx_ds_egress_batches_failed has been renamed to emqx_ds_buffer_batches_failed
  • emqx_ds_egress_messages has been renamed to emqx_ds_buffer_messages
  • emqx_ds_egress_bytes has been renamed to emqx_ds_buffer_bytes
  • emqx_ds_egress_flush_time has been renamed to emqx_ds_buffer_flush_time

• #​13526 Removed the Core-replicant feature from the Open-Source Edition. Starting from release 5.8, all nodes running the Open-Source Edition will operate in the Core role. This change does not impact Enterprise Edition users, who will continue to have access to the Core-replicant functionality. Additionally, the obsolete cluster.core_nodes configuration parameter has been removed as it is no longer needed.

• Dashboard Updates: The following features have been removed or restricted in the Open-Source Edition Dashboard:

  • Monitoring:
    • Delayed Publish
    • Alarms
  • Access Control:
    • Authentication (LDAP)
    • Authorization (LDAP)
    • Flapping Detect
  • Integration:
    • Flow Designer
  • Management:
    • Monitoring
    • Advanced MQTT
      • Topic Rewrite
      • Auto Subscribe
      • Delayed Publish
  • Diagnose:
    • Topic Metrics
    • Slow Subscriptions

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Walkthrough

The change involves updating the EMQX version in the Dockerfile from v5.7.2 to v5.8.0. This modification updates the software version used in the Docker image, reflecting a potential upgrade that may include new features, improvements, or bug fixes. The remainder of the Dockerfile remains unchanged.

Changes

File	Change Summary
emqx/Dockerfile	Updated ARG EMQX_VERSION from v5.7.2 to v5.8.0

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Docker
    participant EMQX

    User->>Docker: Build Image
    Docker->>EMQX: Pull v5.8.0
    EMQX-->>Docker: Send Image
    Docker-->>User: Image Ready

Loading

Poem

🐰 In the garden of code, a new version blooms,
Upgrading the EMQX, chasing away glooms.
From five point seven to eight point oh,
A leap for the rabbit, in the tech meadow!
Hopping along with features anew,
Let's celebrate progress, for me and for you! 🌼

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 2bd5664 and ff87812.

Files selected for processing (1)

• emqx/Dockerfile (1 hunks)

Additional comments not posted (1)

emqx/Dockerfile (1)

10-10: LGTM! But verify compatibility with the new version.

The EMQX_VERSION argument is correctly updated from v5.7.2 to v5.8.0. Ensure that the new version is compatible with the rest of the system and does not introduce any breaking changes.

The code changes are approved.

Run the following script to verify the compatibility of the new version: