-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for Protected Devices in CLI operations #754
Conversation
c39a7cc
to
421bc1b
Compare
75dba31
to
29aafdd
Compare
84e6b36
to
2817a21
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
previously reviewed in small PR's
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Played with it on a few (mostly unprotected) devices and commands worked as expected
return key.makeNewKey({ params: {} }).then(() => { | ||
expect(utilities.deferredChildProcess).to.have.property('callCount', 3); | ||
}); | ||
// TODO: fill these in |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Was this meant to be completed before merging?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I left it for a future PR. A lot of these were skipped and I would like to handle this separately because I am not sensing great urgency in fixing these tests. keys commands are used mostly internally by us
cfb0764
to
24e0961
Compare
…y to turn off service mode if needed
24e0961
to
90d80c0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice work!
Description
This PR introduces support for managing Protected Devices similar to Open Devices. When a device is identified as a Protected Device, CLI puts the device in Service Mode, executes the CLI operation that is run by the user, and re-enables Device Protection on the device (whether the command succeeds or fails).
If the device is in Service Mode, CLI executes the command and enables Device Protection on the device.
A generic wrapper has been implemented to handle both Open and Protected Devices. This wrapper obtains the USB device handle, executes the requested command (e.g.,
particle flash xxx
), and, if applicable, handles the transition into Service Mode and re-enables Device Protection after command execution.The output of CLI commands for all device types and platforms remains unchanged, with all handling of Protected Devices occurring seamlessly in the background.
How to Test
Use any device on any platform in any mode (Open / Protected ) and run various CLI commands to ensure proper functionality. Example:
particle flash xxx
,particle serial xxx
,particle wifi xxx
You can use
particle device-protection --help
to enable Device Protection on your device.Note that if you are testing Protected Devices starting in DFU mode, CLI is expected to fail the command after a 60 sec timeout for devices on device-os 6.1.0 and 6.1.1. Device-OS fixes to handle Protected Devices in DFU mode are deployed in future 6.2.0 (or current develop-6.x branch). Noted here.
Related Issues / Discussions
https://app.shortcut.com/particle/epic/127955
Device Protection Tooling SDD
Completeness