Skip to content

Commit

Permalink
Merge branch 'master' into Update_Energy_Cluster_XML_For_1_4
Browse files Browse the repository at this point in the history
  • Loading branch information
jamesharrow authored Jun 18, 2024
2 parents 81f7009 + 8143615 commit 61668a3
Show file tree
Hide file tree
Showing 29 changed files with 789 additions and 210 deletions.
12 changes: 11 additions & 1 deletion .github/workflows/tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -476,6 +476,16 @@ jobs:
build \
--copy-artifacts-to objdir-clone \
"
- name: Generate an argument environment file
run: |
echo -n "" >/tmp/test_env.yaml
echo "ALL_CLUSTERS_APP: out/linux-x64-all-clusters-ipv6only-no-ble-no-wifi-tsan-clang-test/chip-all-clusters-app" >> /tmp/test_env.yaml
echo "CHIP_LOCK_APP: out/linux-x64-lock-ipv6only-no-ble-no-wifi-tsan-clang-test/chip-lock-app" >> /tmp/test_env.yaml
echo "ENERGY_MANAGEMENT_APP: out/linux-x64-energy-management-ipv6only-no-ble-no-wifi-tsan-clang-test/chip-energy-management-app" >> /tmp/test_env.yaml
echo "TRACE_APP: out/trace_data/app-{SCRIPT_BASE_NAME}" >> /tmp/test_env.yaml
echo "TRACE_TEST_JSON: out/trace_data/test-{SCRIPT_BASE_NAME}" >> /tmp/test_env.yaml
echo "TRACE_TEST_PERFETTO: out/trace_data/test-{SCRIPT_BASE_NAME}" >> /tmp/test_env.yaml
- name: Run Tests
run: |
mkdir -p out/trace_data
Expand Down Expand Up @@ -517,7 +527,7 @@ jobs:
scripts/run_in_python_env.sh out/venv './scripts/tests/run_python_test.py --app out/linux-x64-all-clusters-ipv6only-no-ble-no-wifi-tsan-clang-test/chip-all-clusters-app --factoryreset --quiet --app-args "--discriminator 1234 --KVS kvs1 --trace-to json:out/trace_data/app-{SCRIPT_BASE_NAME}.json --enable-key 000102030405060708090a0b0c0d0e0f" --script "src/python_testing/TC_IDM_1_4.py" --script-args "--hex-arg PIXIT.DGGEN.TEST_EVENT_TRIGGER_KEY:000102030405060708090a0b0c0d0e0f --storage-path admin_storage.json --commissioning-method on-network --discriminator 1234 --passcode 20202021 --trace-to json:out/trace_data/test-{SCRIPT_BASE_NAME}.json --trace-to perfetto:out/trace_data/test-{SCRIPT_BASE_NAME}.perfetto"'
scripts/run_in_python_env.sh out/venv './scripts/tests/run_python_test.py --app out/linux-x64-all-clusters-ipv6only-no-ble-no-wifi-tsan-clang-test/chip-all-clusters-app --factoryreset --quiet --app-args "--discriminator 1234 --KVS kvs1 --trace-to json:out/trace_data/app-{SCRIPT_BASE_NAME}.json" --script "src/python_testing/TC_PWRTL_2_1.py" --script-args "--storage-path admin_storage.json --commissioning-method on-network --discriminator 1234 --passcode 20202021 --trace-to json:out/trace_data/test-{SCRIPT_BASE_NAME}.json --trace-to perfetto:out/trace_data/test-{SCRIPT_BASE_NAME}.perfetto"'
scripts/run_in_python_env.sh out/venv './scripts/tests/run_python_test.py --app out/linux-x64-all-clusters-ipv6only-no-ble-no-wifi-tsan-clang-test/chip-all-clusters-app --factoryreset --quiet --app-args "--discriminator 1234 --KVS kvs1 --trace-to json:out/trace_data/app-{SCRIPT_BASE_NAME}.json" --script "src/python_testing/TC_RR_1_1.py" --script-args "--storage-path admin_storage.json --commissioning-method on-network --discriminator 1234 --passcode 20202021 --trace-to json:out/trace_data/test-{SCRIPT_BASE_NAME}.json --trace-to perfetto:out/trace_data/test-{SCRIPT_BASE_NAME}.perfetto"'
scripts/run_in_python_env.sh out/venv './scripts/tests/run_python_test.py --app out/linux-x64-all-clusters-ipv6only-no-ble-no-wifi-tsan-clang-test/chip-all-clusters-app --factoryreset --quiet --app-args "--discriminator 1234 --KVS kvs1 --trace-to json:out/trace_data/app-{SCRIPT_BASE_NAME}.json" --script "src/python_testing/TC_SC_3_6.py" --script-args "--storage-path admin_storage.json --commissioning-method on-network --discriminator 1234 --passcode 20202021 --trace-to json:out/trace_data/test-{SCRIPT_BASE_NAME}.json --trace-to perfetto:out/trace_data/test-{SCRIPT_BASE_NAME}.perfetto"'
scripts/run_in_python_env.sh out/venv './scripts/tests/run_python_test.py --load-from-env /tmp/test_env.yaml --script src/python_testing/TC_SC_3_6.py'
scripts/run_in_python_env.sh out/venv './scripts/tests/run_python_test.py --app out/linux-x64-all-clusters-ipv6only-no-ble-no-wifi-tsan-clang-test/chip-all-clusters-app --factoryreset --quiet --app-args "--discriminator 1234 --KVS kvs1 --trace-to json:out/trace_data/app-{SCRIPT_BASE_NAME}.json" --script "src/python_testing/TC_TIMESYNC_2_1.py" --script-args "--storage-path admin_storage.json --commissioning-method on-network --discriminator 1234 --passcode 20202021 --PICS src/app/tests/suites/certification/ci-pics-values --trace-to json:out/trace_data/test-{SCRIPT_BASE_NAME}.json --trace-to perfetto:out/trace_data/test-{SCRIPT_BASE_NAME}.perfetto"'
scripts/run_in_python_env.sh out/venv './scripts/tests/run_python_test.py --app out/linux-x64-all-clusters-ipv6only-no-ble-no-wifi-tsan-clang-test/chip-all-clusters-app --factoryreset --quiet --app-args "--discriminator 1234 --KVS kvs1 --trace-to json:out/trace_data/app-{SCRIPT_BASE_NAME}.json" --script "src/python_testing/TC_TIMESYNC_2_10.py" --script-args "--storage-path admin_storage.json --commissioning-method on-network --discriminator 1234 --passcode 20202021 --PICS src/app/tests/suites/certification/ci-pics-values --trace-to json:out/trace_data/test-{SCRIPT_BASE_NAME}.json --trace-to perfetto:out/trace_data/test-{SCRIPT_BASE_NAME}.perfetto"'
scripts/run_in_python_env.sh out/venv './scripts/tests/run_python_test.py --app out/linux-x64-all-clusters-ipv6only-no-ble-no-wifi-tsan-clang-test/chip-all-clusters-app --factoryreset --quiet --app-args "--discriminator 1234 --KVS kvs1 --trace-to json:out/trace_data/app-{SCRIPT_BASE_NAME}.json" --script "src/python_testing/TC_TIMESYNC_2_11.py" --script-args "--storage-path admin_storage.json --commissioning-method on-network --discriminator 1234 --passcode 20202021 --PICS src/app/tests/suites/certification/ci-pics-values --trace-to json:out/trace_data/test-{SCRIPT_BASE_NAME}.json --trace-to perfetto:out/trace_data/test-{SCRIPT_BASE_NAME}.perfetto"'
Expand Down
8 changes: 8 additions & 0 deletions .pullapprove.yml
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,14 @@ groups:
teams: [reviewers-google]
reviews:
request: 10
shared-reviewers-grundfos:
type: optional
conditions:
- files.include('*')
reviewers:
teams: [reviewers-grundfos]
reviews:
request: 10
shared-reviewers-irobot:
type: optional
conditions:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,9 @@
PRODUCTION_NODE_URL_REST = "https://on.dcl.csa-iot.org"
TEST_NODE_URL_REST = "https://on.test-net.dcl.csa-iot.org"

MATTER_CERT_CA_SUBJECT = "MFIxDDAKBgNVBAoMA0NTQTEsMCoGA1UEAwwjTWF0dGVyIENlcnRpZmljYXRpb24gYW5kIFRlc3RpbmcgQ0ExFDASBgorBgEEAYKifAIBDARDNUEw"
MATTER_CERT_CA_SUBJECT_KEY_ID = "97:E4:69:D0:C5:04:14:C2:6F:C7:01:F7:7E:94:77:39:09:8D:F6:A5"


def parse_paa_root_certs(cmdpipe, paa_list):
"""
Expand Down Expand Up @@ -73,13 +76,14 @@ def parse_paa_root_certs(cmdpipe, paa_list):
else:
if b': ' in line:
key, value = line.split(b': ')
result[key.strip(b' -').decode("utf-8")] = value.strip().decode("utf-8")
result[key.strip(b' -').decode("utf-8")
] = value.strip().decode("utf-8")
parse_paa_root_certs.counter += 1
if parse_paa_root_certs.counter % 2 == 0:
paa_list.append(copy.deepcopy(result))


def write_paa_root_cert(certificate, subject):
def write_cert(certificate, subject):
filename = 'dcld_mirror_' + \
re.sub('[^a-zA-Z0-9_-]', '', re.sub('[=, ]', '_', subject))
with open(filename + '.pem', 'w+') as outfile:
Expand All @@ -93,7 +97,8 @@ def write_paa_root_cert(certificate, subject):
serialization.Encoding.DER)
outfile.write(der_certificate)
except (IOError, ValueError) as e:
print(f"ERROR: Failed to convert {filename + '.pem'}: {str(e)}. Skipping...")
print(
f"ERROR: Failed to convert {filename + '.pem'}: {str(e)}. Skipping...")


def parse_paa_root_cert_from_dcld(cmdpipe):
Expand Down Expand Up @@ -133,7 +138,38 @@ def use_dcld(dcld, production, cmdlist):
@optgroup.option('--paa-trust-store-path', default='paa-root-certs', type=str, metavar='PATH', help="PAA trust store path (default: paa-root-certs)")
def main(use_main_net_dcld, use_test_net_dcld, use_main_net_http, use_test_net_http, paa_trust_store_path):
"""DCL PAA mirroring tools"""
fetch_paa_certs(use_main_net_dcld, use_test_net_dcld, use_main_net_http, use_test_net_http, paa_trust_store_path)


def get_cert_from_rest(rest_node_url, subject, subject_key_id):
response = requests.get(
f"{rest_node_url}/dcl/pki/certificates/{subject}/{subject_key_id}").json()["approvedCertificates"]["certs"][0]
certificate = response["pemCert"].rstrip("\n")
subject = response["subjectAsText"]
return certificate, subject


def fetch_cd_signing_certs(store_path):
''' Only supports using main net http currently.'''
rest_node_url = PRODUCTION_NODE_URL_REST
os.makedirs(store_path, exist_ok=True)
original_dir = os.getcwd()
os.chdir(store_path)

cd_signer_ids = requests.get(
f"{rest_node_url}/dcl/pki/child-certificates/{MATTER_CERT_CA_SUBJECT}/{MATTER_CERT_CA_SUBJECT_KEY_ID}").json()['childCertificates']['certIds']
for signer in cd_signer_ids:
subject = signer['subject']
subject_key_id = signer['subjectKeyId']
certificate, subject = get_cert_from_rest(rest_node_url, subject, subject_key_id)

print(f"Downloaded CD signing cert with subject: {subject}")
write_cert(certificate, subject)

os.chdir(original_dir)


def fetch_paa_certs(use_main_net_dcld, use_test_net_dcld, use_main_net_http, use_test_net_http, paa_trust_store_path):
production = False
dcld = use_test_net_dcld

Expand All @@ -148,36 +184,43 @@ def main(use_main_net_dcld, use_test_net_dcld, use_main_net_http, use_test_net_h
rest_node_url = PRODUCTION_NODE_URL_REST if production else TEST_NODE_URL_REST

os.makedirs(paa_trust_store_path, exist_ok=True)
original_dir = os.getcwd()
os.chdir(paa_trust_store_path)

if use_rest:
paa_list = requests.get(f"{rest_node_url}/dcl/pki/root-certificates").json()["approvedRootCertificates"]["certs"]
paa_list = requests.get(
f"{rest_node_url}/dcl/pki/root-certificates").json()["approvedRootCertificates"]["certs"]
else:
cmdlist = ['query', 'pki', 'all-x509-root-certs']

cmdpipe = subprocess.Popen(use_dcld(dcld, production, cmdlist), stdout=subprocess.PIPE, stderr=subprocess.PIPE)
cmdpipe = subprocess.Popen(use_dcld(
dcld, production, cmdlist), stdout=subprocess.PIPE, stderr=subprocess.PIPE)

paa_list = []
parse_paa_root_certs.counter = 0
parse_paa_root_certs(cmdpipe, paa_list)

for paa in paa_list:
if paa['subject'] == MATTER_CERT_CA_SUBJECT and paa['subjectKeyId'] == MATTER_CERT_CA_SUBJECT_KEY_ID:
# Don't include the CD signing cert as a PAA root.
continue
if use_rest:
response = requests.get(
f"{rest_node_url}/dcl/pki/certificates/{paa['subject']}/{paa['subjectKeyId']}").json()["approvedCertificates"]["certs"][0]
certificate = response["pemCert"]
subject = response["subjectAsText"]
certificate, subject = get_cert_from_rest(rest_node_url, paa['subject'], paa['subjectKeyId'])
else:
cmdlist = ['query', 'pki', 'x509-cert', '-u', paa['subject'], '-k', paa['subjectKeyId']]
cmdlist = ['query', 'pki', 'x509-cert', '-u',
paa['subject'], '-k', paa['subjectKeyId']]

cmdpipe = subprocess.Popen(use_dcld(dcld, production, cmdlist), stdout=subprocess.PIPE, stderr=subprocess.PIPE)
cmdpipe = subprocess.Popen(use_dcld(
dcld, production, cmdlist), stdout=subprocess.PIPE, stderr=subprocess.PIPE)

(certificate, subject) = parse_paa_root_cert_from_dcld(cmdpipe)

certificate = certificate.rstrip('\n')

print(f"Downloaded certificate with subject: {subject}")
write_paa_root_cert(certificate, subject)
print(f"Downloaded PAA certificate with subject: {subject}")
write_cert(certificate, subject)

os.chdir(original_dir)


if __name__ == "__main__":
Expand Down
1 change: 1 addition & 0 deletions examples/bridge-app/linux/main.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -278,6 +278,7 @@ int AddDeviceEndpoint(Device * dev, EmberAfEndpointType * ep, const Span<const E
}
if (err != CHIP_ERROR_ENDPOINT_EXISTS)
{
gDevices[index] = nullptr;
return -1;
}
// Handle wrap condition
Expand Down
2 changes: 2 additions & 0 deletions examples/fabric-bridge-app/linux/DeviceManager.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -161,6 +161,7 @@ int DeviceManager::AddDeviceEndpoint(Device * dev, chip::EndpointId parentEndpoi
}
if (err != CHIP_ERROR_ENDPOINT_EXISTS)
{
mDevices[index] = nullptr;
return -1; // Return error as endpoint addition failed due to an error other than endpoint already exists
}
// Increment the endpoint ID and handle wrap condition
Expand All @@ -171,6 +172,7 @@ int DeviceManager::AddDeviceEndpoint(Device * dev, chip::EndpointId parentEndpoi
retryCount++;
}
ChipLogError(NotSpecified, "Failed to add dynamic endpoint after %d retries", kMaxRetries);
mDevices[index] = nullptr;
return -1; // Return error as all retries are exhausted
}
index++;
Expand Down
2 changes: 1 addition & 1 deletion scripts/build_python.sh
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,7 @@ export SYSTEM_VERSION_COMPAT=0
# Make all possible human redable tracing available.
tracing_options="matter_log_json_payload_hex=true matter_log_json_payload_decode_full=true matter_enable_tracing_support=true"

gn --root="$CHIP_ROOT" gen "$OUTPUT_ROOT" --args="$tracing_options chip_detail_logging=$chip_detail_logging enable_pylib=$enable_pybindings enable_rtti=$enable_pybindings chip_project_config_include_dirs=[\"//config/python\"] $chip_mdns_arg $chip_case_retry_arg $pregen_dir_arg chip_config_network_layer_ble=$enable_ble chip_enable_ble=$enable_ble"
gn --root="$CHIP_ROOT" gen "$OUTPUT_ROOT" --args="$tracing_options chip_detail_logging=$chip_detail_logging enable_pylib=$enable_pybindings enable_rtti=$enable_pybindings chip_project_config_include_dirs=[\"//config/python\"] $chip_mdns_arg $chip_case_retry_arg $pregen_dir_arg chip_config_network_layer_ble=$enable_ble chip_enable_ble=$enable_ble chip_crypto=\"boringssl\""

function ninja_target() {
# Print the ninja target required to build a gn label.
Expand Down
Loading

0 comments on commit 61668a3

Please sign in to comment.