Add dedicated Astarte FDO library by mizzet1 · Pull Request #1819 · astarte-platform/astarte

mizzet1 · 2026-02-25T10:22:32Z

to avoid circular dependencies (and having libraries depend on apps), this pr aim to create a new library astarte_fdo to move dedicated fdo modules there

codecov · 2026-02-25T14:34:56Z

Codecov Report

❌ Patch coverage is 0% with 14 lines in your changes missing coverage. Please review.
✅ Project coverage is 85.80%. Comparing base (c98b9ad) to head (8401f6c).

Files with missing lines	Patch %	Lines
...te_data_access/lib/astarte_data_access/fdo/cbor.ex	0.00%	13 Missing ⚠️
..._access/lib/astarte_data_access/fdo/session_key.ex	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1819      +/-   ##
==========================================
- Coverage   85.96%   85.80%   -0.17%     
==========================================
  Files         559      561       +2     
  Lines        9757     9747      -10     
==========================================
- Hits         8388     8363      -25     
- Misses       1369     1384      +15

Files with missing lines	Coverage Δ
...keeping/lib/astarte_housekeeping/realms/queries.ex	`91.54% <ø> (ø)`
...airing/lib/astarte_pairing/fdo/owner_onboarding.ex	`74.72% <ø> (+0.49%)`	⬆️
...airing/fdo/owner_onboarding/device_service_info.ex	`73.33% <ø> (ø)`
.../fdo/owner_onboarding/device_service_info_ready.ex	`80.95% <ø> (ø)`
...pairing/fdo/owner_onboarding/owner_service_info.ex	`100.00% <ø> (ø)`
...tarte_pairing/fdo/owner_onboarding/prove_ov_hdr.ex	`72.22% <ø> (ø)`
...ib/astarte_pairing/fdo/owner_onboarding/session.ex	`98.21% <ø> (+3.84%)`	⬆️
...starte_pairing/fdo/owner_onboarding/session_key.ex	`90.76% <ø> (-0.28%)`	⬇️
...tarte_pairing/fdo/owner_onboarding/setup_device.ex	`90.00% <ø> (ø)`
...rte_pairing/fdo/owner_onboarding/signature_info.ex	`57.14% <ø> (-1.20%)`	⬇️
... and 15 more

... and 15 files with indirect coverage changes

Flag	Coverage Δ
astarte_appengine_api	`85.71% <ø> (-0.17%)`	⬇️
astarte_data_access	`79.10% <0.00%> (-3.46%)`	⬇️
astarte_data_updater_plant	`86.98% <ø> (-0.08%)`	⬇️
astarte_events	`79.40% <ø> (ø)`
astarte_generators	`97.56% <ø> (-0.18%)`	⬇️
astarte_realm_management	`87.58% <ø> (-0.08%)`	⬇️
astarte_rpc	`88.23% <ø> (ø)`
astarte_trigger_engine	`82.47% <ø> (ø)`

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

mizzet1 · 2026-03-04T17:09:49Z

Points addressed from #1801 :

Added decoded_cbor function directly in the Hash module
Use custom type Astarte.FDO.CBOR, using: Astarte.FDO.Hash for hmac field in to2_session
Use Exandra.EmbeddedType instead of Exandra.UDT for session keys fields

Missing:
explore avoid having a custom SessionKey type in astarte_fdo (but keeping it at the db level) and encode/decode to/from COSE.Keys.Symmetric (by opening pr in COSE)

noaccOS · 2026-03-05T08:04:48Z

apps/astarte_housekeeping/priv/migrations/realm/0011_create_device_session_table.sql

-  sevk blob,
-  svk blob,
-  sek blob,
+  sevk session_key,


now that the feature branch has been merged, we actually do need to create new migrations and treat existing ones as read only

noaccOS · 2026-03-05T08:05:57Z

libs/astarte_fdo/lib/astarte_fdo.ex

@@ -0,0 +1,18 @@
+defmodule AstarteFdo do


we can delete this file

noaccOS · 2026-03-05T08:06:33Z

libs/astarte_fdo/lib/cbor.ex

+# limitations under the License.
+#
+
+defmodule Astarte.FDO.CBOR do


this is astarte data access material, it has nothing to do with astarte_fdo

noaccOS · 2026-03-05T08:06:56Z

apps/astarte_pairing/lib/astarte_pairing/fdo/types/error.ex

-  @moduledoc """
-  This module defines the structure of an error message in
-  the FDO protocol, including the error code, previous message ID,
-  error message, timestamp, and correlation ID.
-  It also provides functions for encoding the error message
-  into a CBOR for transmission in the FDO protocol.
-  """


why have we removed moduledocs?

noaccOS · 2026-03-05T08:07:34Z

libs/astarte_fdo/lib/public_key.ex

+         {:ok, public_key} <- decode(cbor_list) do
+      {:ok, public_key}


this should trigger a failure in credo, why isn't it failing?

noaccOS · 2026-03-05T08:48:45Z

apps/astarte_pairing/mix.exs

-      {:httpoison, "~> 2.2", override: true}
+      {:astarte_fdo, path: astarte_lib("astarte_fdo")},
+      {:astarte_generators, path: astarte_lib("astarte_generators"), only: [:dev, :test]},
+      {:stream_data, "~> 1.1", only: [:dev, :test]}


why was this added?

noaccOS · 2026-03-05T08:51:32Z

apps/astarte_pairing/test/astarte_pairing/fdo/owner_onboarding_test.exs

+  alias COSE.Messages.Sign1
  alias COSE.Messages.Sign1


noaccOS · 2026-03-05T09:01:02Z

apps/astarte_pairing/lib/astarte_pairing/fdo/ownership_voucher/core.ex

+    end
+  end
+
+  def fetch(realm_name, guid) do


in general, we use core modules to place implementations of functions which are complex or long enough and internal logic makes sense on its own

for instance, we may have a function in the "outer" module with validation and the function in the core module which expects that its preconditions are met, and the outer calls core after having made its validations.

in general, you never want other modules to use Core directly (except maybe tests), but all functionality should be available from the outer OwnershipVoucher module

personally, I would leave these functions there

noaccOS · 2026-03-05T09:35:13Z

apps/astarte_pairing/lib/astarte_pairing/fdo/owner_onboarding/session_key.ex

+
+  def from_db(%{"alg" => alg, "k" => k, "kty" => kty}) do
+    %Symmetric{
+      alg: String.to_existing_atom(alg),


cursed 💀

noaccOS · 2026-03-05T09:35:54Z

apps/astarte_pairing/lib/astarte_pairing/fdo/service_info.ex

        }
      )
-      when is_empty(service_info) do
+      when service_info.module == nil and service_info.key == nil and service_info.value == nil do


let's keep the guard

Signed-off-by: Riccardo Nalgi <riccardo.nalgi@secomind.com>

- remove unused astarte_fdo and gitignore files from fdo library - create new migrations and treat existing ones as read only - move all Ecto related FDO modules to astarte_data_access - add missing moduledocs - place "fdo" scope under libraries - delete github workflow files from fdo library - add missing copyright header - use guard to check emptyness of service info - remove data_access dependency from fdo library Signed-off-by: Riccardo Nalgi <riccardo.nalgi@secomind.com>

mizzet1 force-pushed the astartefdolib branch from 8c6037f to baa50c7 Compare February 25, 2026 14:25

mizzet1 force-pushed the astartefdolib branch 7 times, most recently from 818b75e to 8845121 Compare March 3, 2026 13:22

github-actions bot added the size/xl label Mar 3, 2026

mizzet1 changed the base branch from feat/fido-device-onboard to release-1.3 March 3, 2026 13:36

mizzet1 force-pushed the astartefdolib branch from 8845121 to 46ceffe Compare March 3, 2026 13:54

github-actions bot added the size/m label Mar 3, 2026

mizzet1 force-pushed the astartefdolib branch from 46ceffe to 38245af Compare March 3, 2026 15:00

mizzet1 changed the base branch from release-1.3 to master March 3, 2026 15:03

mizzet1 force-pushed the astartefdolib branch from 38245af to 85c8820 Compare March 3, 2026 16:53

github-actions bot added the size/l label Mar 3, 2026

mizzet1 force-pushed the astartefdolib branch 12 times, most recently from 92aaab0 to da1285f Compare March 4, 2026 17:07

mizzet1 force-pushed the astartefdolib branch 2 times, most recently from a4725f9 to f63fdb8 Compare March 4, 2026 17:24

noaccOS requested changes Mar 5, 2026

View reviewed changes

mizzet1 force-pushed the astartefdolib branch 14 times, most recently from 9da63f2 to 64d8fd9 Compare March 6, 2026 11:01

mizzet1 added 3 commits March 6, 2026 12:06

feat(pairing): add custom types logic for to2 session fields

adf794b

Signed-off-by: Riccardo Nalgi <riccardo.nalgi@secomind.com>

refactor(fdo): add dedicated astarte_fdo library

b8462c4

Signed-off-by: Riccardo Nalgi <riccardo.nalgi@secomind.com>

mizzet1 force-pushed the astartefdolib branch from 77b03fb to 8401f6c Compare March 6, 2026 11:07

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add dedicated Astarte FDO library#1819

Add dedicated Astarte FDO library#1819
mizzet1 wants to merge 3 commits intoastarte-platform:masterfrom
mizzet1:astartefdolib

mizzet1 commented Feb 25, 2026

Uh oh!

codecov bot commented Feb 25, 2026 •

edited

Loading

Uh oh!

mizzet1 commented Mar 4, 2026

Uh oh!

noaccOS Mar 5, 2026

Uh oh!

noaccOS Mar 5, 2026

Uh oh!

noaccOS Mar 5, 2026

Uh oh!

noaccOS Mar 5, 2026

Uh oh!

noaccOS Mar 5, 2026

Uh oh!

noaccOS Mar 5, 2026

Uh oh!

noaccOS Mar 5, 2026

Uh oh!

noaccOS Mar 5, 2026

Uh oh!

noaccOS Mar 5, 2026

Uh oh!

noaccOS Mar 5, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

mizzet1 commented Feb 25, 2026

Uh oh!

codecov bot commented Feb 25, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

mizzet1 commented Mar 4, 2026

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

codecov bot commented Feb 25, 2026 •

edited

Loading