Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improving wolfSSL integration with the Espressif ESP-IDF (IDFGH-13019) #13966

Open
3 of 21 tasks
gojimmypi opened this issue Jun 13, 2024 · 8 comments
Open
3 of 21 tasks
Labels
Status: Opened Issue is new

Comments

@gojimmypi
Copy link
Contributor

gojimmypi commented Jun 13, 2024

Answers checklist.

  • I have read the documentation ESP-IDF Programming Guide and the issue is not addressed there.
  • I have updated my IDF branch (master or release) to the latest version and checked that the issue is present there.
  • I have searched the issue tracker for a similar issue and not found a similar issue.

General issue report

Improving wolfSSL integration with the Espressif ESP-IDF

This is an anchor GitHub issue to track the various upcoming pull requests and other issues related to improving the wolfSSL cryptographic library integration with the Espressif ESP-IDF.

The wolfSSL libraries are available for a given project, but the integration with the ESP-IDF core is not as robust as it should be.

There's a companion issue at wolfSSL: wolfSSL/wolfssl#7640

Features To Do

Reasons for choosing wolfSSL instead of mbedTLS

For serious commercial applications needing or users simply needing more capable, flexible, and actively supported libraries developers should choose wolfSSL.

wolfSSL is a TLS library. wolfSSL offers:

  • optimal performance
  • rapid integration
  • hardware crypto support
  • support for the most current standards.

wolfSSL is the best tested crypto support, the #1 TLS in IoT and the first embedded TLS 1.3 platform with TPM 2.0, MQTT, FIPS 140 certification, hardware crypto acceleration and secure enclave support. All products are backed by 24/7 support.

wolfSSL mbed TLS
TECHNOLOGY
Copyright wolfSSL Inc. Multiple Owners
Development Team Original developers still on project Based on XySSL/PolarSSL, not maintained by the original developers
Portability "Portable Out of the Box
Win32/64, Linux, OS X, Solaris, ThreadX, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, Haiku, OpenWRT, iPhone (iOS), Android, Nintendo Wii and Gamecube through DevKitPro, QNX, MontaVista, OpenCL, NonStop, TRON/ITRON/µITRON, Micrium's µC OS, FreeRTOS, SafeRTOS, Freescale MQX, Nucleus, TinyOS, HP/UX, Keil RTX, TI-RTOS, Integrity OS"
Win32/64, Linux, OS X, Solaris, FreeBSD, NetBSD, OpenBSD, OpenWRT, iPhone (iOS), Xbox, Android, SeggerOS
Standards Support SSLv3 - TLS 1.3, DTLS 1.0,1.2, 1.3 TLS 1.2/TLS 1.3 and DTLS 1.2
Server Support YES YES
Performance Awesome! See our benchmarks page: https://www.wolfssl.com/docs/benchmarks/ Average
Hardware & Assembly Optimizations - ARM Assembly Optimizations (Aarch32/Aarch64/Arm32/Cortex-M/Neon)
- ARMv8 Cryptography Extensions
- RISC-V Assembly
- STM32 F2/F4/F7/L4/L5/U5/H5/H7 Hardware Crypto
- ATECC608B, ST-SAFEA110, SE050, IoT-Safe
- Single Precision Math (C and Assembly)
Some ARM optimizations
Command Line Utility YES NO
Certifications YES (FIPS 140-3, DO-178 DAL-A) NO
Certificate Revocation Support CRL, OCSP, OCSP Stapling CRL
Crypto Library Abstraction Layer YES NO
SSL Inspection (Sniffer) Support YES NO
Compression Support zlib NO
OpenSSL Compatibility Layer YES (Actively updated - over 1,600) YES (Out of date)
Post Quantum Support Kyber, LMS, XMSS and Dilithum/Falcon NO
Supported Open Source Projects OpenSSH, Stunnel, WPA Supplicant, lighttpd (lighty), cURL, mongoose, OpenVPN, NGINX and many others
Quality Assurance Testing API Tests, Peer Review, Static Analysis, Product Specific Testing, Multiple Compilers, Benchmarks, Wrappers, Hardware Accelerated Testing, Security fuzzers (wolfSSL internal fuzzer, AFL, TLS Fuzzer, libFuzzer), known user configurations, external validation, big/little endian, multiple platforms (Embedded IOT Devices, Windows, Many Linux variants, MacOS, XCODE, Android) Broken scripts
SUPPORT DOCUMENTATION LICENSING
Documentation YES
(complete manual, API reference, build instructions, extensions reference, tutorials, source code, benchmarking, examples)
PARTIAL (build instructions, API reference, source code)
Vulnerabilities Fixes available within a few days Fixes available few months or not at all
License Dual (GPLv2 / Commercial) Dual (GPLv2 / Apache 2.0)
Royalty Free YES YES
Up to 24x7 Support YES (Full support from native English speakers via email, phone, forums) NO
FEATURES
Random Entropy wolfRAND, NIST DRBG (SHA-256) DRBG SHA-1/SHA2-256
Hashing/Cipher Functions AES SIV/CFB/OFB, SHAKE, Blake2b/Blake2s, ECIES (ECC Enc/Dec) NO
Public Key Options Single Precision math, ECC Fixed Point cache ECC NIST "modulo p" speedups
TLS Extensions SNI, Max Fragment, ALPN, Trusted CA Indication, Truncated HMAC, Secure Renegotiation, Renegotiation Indication, Session Ticket, Extended Master Secret, Encrypt-Then-Mac, Quantum-Safe Hybrid Authentication Max Fragment, Encrypt-Then-Mac

Getting Started with wolfSSL

If you are new to wolfSSL on the Espressif ESP32, this video
can help to get started:

Video Preview

Additional ESP-IDF specifics can be found in Espressif/ESP-IDF. The wolfSSL Manual is also a useful
resource.

The core Espressif IDE information for wolfSSL can be found here:

https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif

Included are the following examples:

Managed Components

The wolfSSL libraries are already available as Espressif Managed Components from the ESP Registry for installation to a specific project.

staging/test Managed Components at the Espressif Component Registry.

For details on wolfSSL Managed Components, see these blogs:

PlatformIO

We are providing two different Official wolfSSL libraries for the ESP32: standard and another specifically for Arduino:

There are also two different versions: the stable release versions (above) and these staging updates, with the latest post-release changes.

See also the wolfSSL now supported on PlatformIO blog.

https://github.com/wolfSSL/wolfssl/tree/master/IDE/PlatformIO

Arduino

See Getting Started with wolfSSL on Arduino blog.

https://www.arduino.cc/reference/en/libraries/wolfssl/

https://github.com/wolfSSL/wolfssl/tree/master/IDE/ARDUINO

wolfSSL for the Apple HomeKit on the ESP32

See the https://github.com/AchimPieters/esp32-homekit-demo

AchimPieters/esp32-homekit-demo#3

Additional wolfSSL updates related to the Espressif environment

See ESP32 Espressif Improvements - Roadmap Summary #6234

Have an idea for other improvements? Feel free to open a new issue or send us an email support@wolfssl.com

@espressif-bot espressif-bot added the Status: Opened Issue is new label Jun 13, 2024
@github-actions github-actions bot changed the title Improving wolfSSL integration with the Espressif ESP-IDF Improving wolfSSL integration with the Espressif ESP-IDF (IDFGH-13019) Jun 13, 2024
@igrr
Copy link
Member

igrr commented Jun 13, 2024

Include wolfSSL as an ESP-IDF component. See preview here.

Just wanted to mention that it's unlikely that we would accept such a PR due to the fact that wolfSSL is not compatible with IDF's Apache 2.0 license. So we have to distribute wolfSSL via the component registry, instead.

Outside of the scope of this ESP-IDF feature request, you might also want to include support for wolfSSL in https://github.com/project-chip/connectedhomeip, as that would allow using wolfSSL in Matter devices.

@gojimmypi
Copy link
Contributor Author

Hi @igrr

it's unlikely that we would accept such a PR due to the fact that wolfSSL is not compatible with IDF's Apache 2.0 license.

I'm certainly not a licensing expert - but having only the Cmakelists.txt and user_settings.h file in the ESP-IDF components directory and allowing the end user to point to their own source code does not seem to be any sort of licensing conflict. Can you please clarify?

This method does not seem to be much different that using a submodule as in esp-wolfssl, while offering the end user the ability to easily plug in a more recent version of wolfSSL simply by changing a setting in idf.py menuconfig.

There would be no wolfSSL source code in the ESP-IDF components directory. I'm thinking the Kconfig options would allow something like this:

image

I'm open to suggestions, such as:

distribute wolfSSL via the component registry, instead

Is it possible to add core ESP-IDF support for wolfSSL via a Managed Component?

For instance, if I have a project: /workspace/wolfssl-gojimmypi/IDE/Espressif/ESP-IDF/examples/component_test and I add the Managed Component like this:

idf.py add-dependency "wolfssl/wolfssl^5.7.0"

The ESP-IDF environment does not see the local project managed component when compiling the IDF components. For example, I added this #include to components/esp_wifi/include/esp_wifi.h:

#include "wolfssl/wolfcrypt/settings.h"

... and of course the compiler does not see the local project component:

[2/212] Building C object esp-idf/wpa_supplicant/CMakeFiles/__idf_wpa_supplicant.dir/src/ap/wpa_auth.c.obj
FAILED: esp-idf/wpa_supplicant/CMakeFiles/__idf_wpa_supplicant.dir/src/ap/wpa_auth.c.obj 
C:\SysGCC\esp32\tools\xtensa-esp-elf\esp-13.2.0_20230928\xtensa-esp-elf\bin\xtensa-esp32-elf-gcc.exe -DCONFIG_CRYPTO_MBEDTLS -DCONFIG_ECC -DCONFIG_FAST_PBKDF2 -DCONFIG_IEEE80211W -DCONFIG_NO_RADIUS -DCONFIG_OWE_STA -DCONFIG_SAE -DCONFIG_SAE_PK -DCONFIG_SHA256 -DCONFIG_WPA3_SAE -DCONFIG_WPS -DEAP_MSCHAPv2 -DEAP_PEAP -DEAP_PEER_METHOD -DEAP_TLS -DEAP_TTLS -DESPRESSIF_USE -DESP_PLATFORM -DESP_SUPPLICANT -DIDF_VER=\"v5.2-dev-3903-g66992aca7a-dirty\" -DIEEE8021X_EAPOL -DMBEDTLS_CONFIG_FILE=\"mbedtls/esp_config.h\" -DSOC_MMU_PAGE_SIZE=CONFIG_MMU_PAGE_SIZE -DSOC_XTAL_FREQ_MHZ=CONFIG_XTAL_FREQ -DUSE_WPA2_TASK -DUSE_WPS_TASK -D_GLIBCXX_HAVE_POSIX_SEMAPHORE -D_GLIBCXX_USE_POSIX_SEMAPHORE -D_GNU_SOURCE -D_POSIX_READER_WRITER_LOCKS -D__ets__ -IC:/workspace/wolfssl-gojimmypi/IDE/Espressif/ESP-IDF/examples/component_test/build/VisualGDB/Debug/config -IC:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/port/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/esp_supplicant/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/src -IC:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/src/utils -IC:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/esp_supplicant/src -IC:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/src/crypto -IC:/SysGCC/esp32/esp-idf/v5.2/components/newlib/platform_include -IC:/SysGCC/esp32/esp-idf/v5.2/components/freertos/config/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/freertos/config/include/freertos -IC:/SysGCC/esp32/esp-idf/v5.2/components/freertos/config/xtensa/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/freertos/FreeRTOS-Kernel/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/freertos/FreeRTOS-Kernel/portable/xtensa/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/freertos/FreeRTOS-Kernel/portable/xtensa/include/freertos -IC:/SysGCC/esp32/esp-idf/v5.2/components/freertos/esp_additions/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_hw_support/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_hw_support/include/soc -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_hw_support/include/soc/esp32 -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_hw_support/port/esp32/. -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_hw_support/port/esp32/private_include -IC:/SysGCC/esp32/esp-idf/v5.2/components/heap/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/log/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/soc/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/soc/esp32 -IC:/SysGCC/esp32/esp-idf/v5.2/components/soc/esp32/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/hal/platform_port/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/hal/esp32/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/hal/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_rom/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_rom/include/esp32 -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_rom/esp32 -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_common/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_system/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_system/port/soc -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_system/port/include/private -IC:/SysGCC/esp32/esp-idf/v5.2/components/xtensa/esp32/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/xtensa/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/xtensa/deprecated_include -IC:/SysGCC/esp32/esp-idf/v5.2/components/lwip/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/lwip/include/apps -IC:/SysGCC/esp32/esp-idf/v5.2/components/lwip/include/apps/sntp -IC:/SysGCC/esp32/esp-idf/v5.2/components/lwip/lwip/src/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/lwip/port/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/lwip/port/freertos/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/lwip/port/esp32xx/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/lwip/port/esp32xx/include/arch -IC:/SysGCC/esp32/esp-idf/v5.2/components/lwip/port/esp32xx/include/sys -IC:/SysGCC/esp32/esp-idf/v5.2/components/mbedtls/port/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/mbedtls/mbedtls/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/mbedtls/mbedtls/library -IC:/SysGCC/esp32/esp-idf/v5.2/components/mbedtls/esp_crt_bundle/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/mbedtls/mbedtls/3rdparty/everest/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/mbedtls/mbedtls/3rdparty/p256-m -IC:/SysGCC/esp32/esp-idf/v5.2/components/mbedtls/mbedtls/3rdparty/p256-m/p256-m -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_timer/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_wifi/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_wifi/wifi_apps/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_event/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_phy/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_phy/esp32/include -IC:/SysGCC/esp32/esp-idf/v5.2/components/esp_netif/include -mlongcalls -Wno-frame-address  -g -fdiagnostics-color=always -ffunction-sections -fdata-sections -Wall -Werror=all -Wno-error=unused-function -Wno-error=unused-variable -Wno-error=unused-but-set-variable -Wno-error=deprecated-declarations -Wextra -Wno-unused-parameter -Wno-sign-compare -Wno-enum-conversion -gdwarf-4 -ggdb -Og -fno-shrink-wrap -fmacro-prefix-map=C:/workspace/wolfssl-gojimmypi/IDE/Espressif/ESP-IDF/examples/component_test=. -fmacro-prefix-map=C:/SysGCC/esp32/esp-idf/v5.2=/IDF -fstrict-volatile-bitfields -fno-jump-tables -fno-tree-switch-conversion -std=gnu17 -Wno-old-style-declaration -Wno-strict-aliasing -Wno-write-strings -Werror -Wno-format -MD -MT esp-idf/wpa_supplicant/CMakeFiles/__idf_wpa_supplicant.dir/src/ap/wpa_auth.c.obj -MF esp-idf\wpa_supplicant\CMakeFiles\__idf_wpa_supplicant.dir\src\ap\wpa_auth.c.obj.d -o esp-idf/wpa_supplicant/CMakeFiles/__idf_wpa_supplicant.dir/src/ap/wpa_auth.c.obj -c C:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/src/ap/wpa_auth.c
In file included from C:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/port/include/os.h:24,
                 from C:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/src/utils/common.h:14,
                 from C:/SysGCC/esp32/esp-idf/v5.2/components/wpa_supplicant/src/ap/wpa_auth.c:10:
C:/SysGCC/esp32/esp-idf/v5.2/components/esp_wifi/include/esp_wifi.h:63:10: fatal error: wolfssl/wolfcrypt/settings.h: No such file or directory
   63 | #include "wolfssl/wolfcrypt/settings.h"
      |          ^~~~~~~~~~~~~

I suppose the instructions could include copying that local project component to the ESP-IDF, but that seems a bit awkward.

My goal is to make it as easy as possible for anyone to use wolfSSL instead of mbedTLS in their projects.

Any other options or suggestions are appreciated.

Thank you for taking a look at this issue.

@igrr
Copy link
Member

igrr commented Jun 13, 2024

There would be no wolfSSL source code in the ESP-IDF components directory. I'm thinking the Kconfig options would allow something like this:

This (user having to specify paths in their system) is a pattern we are trying to avoid in ESP-IDF, because it results in projects which are not easily portable between different computers. Imagine a team of developers working on a project, and different developers have projects checked out in different locations. Options such as this one would be impossible to commit to a common sdkconfig file in the project repository.

I think the component registry already provides a convenient way to install wolfSSL. The trend we want to see is that in the future, more features are moved out of ESP-IDF into standalone components. I'd like to avoid taking a step in the reverse direction.

The ESP-IDF environment does not see the local project managed component when compiling the IDF components. For example, I added this #include to components/esp_wifi/include/esp_wifi.h:

This is possible, please see for example how it is done in esp-tls component. We possibly have to change that line a bit to also consider wolfssl__wolfssl component name in addition to the legacy esp-wolfssl one, but the idea would be the same.

@gojimmypi
Copy link
Contributor Author

This (user having to specify paths in their system) is a pattern we are trying to avoid in ESP-IDF, because it results in projects which are not easily portable between different computers.

Yes, I agree. That's a very valid point.

I've also considered an option where the CMakeLists.txt would automatically git clone a specific version. That too, has pros and cons.

I think the component registry already provides a convenient way to install wolfSSL. ... see for example how it is done in esp-tls component

Great! That looks like a promising alternative. I don't see any idf_component.yml in that component, nor the parent directory. Is there a way for the end user to adjust the version, or do you envision a component version being fixed to a given ESP-IDF release?

It might be nice to have the user be able to select from the esp-wolfssl, the managed component, and even the custom directory.

Yes: although I completely agree with your portability concerns, I still find the ability to point to a specific component version source code location to be a useful feature (e.g. pointing to a different GitHub repo directory, allowing changes to be easily checked in, or selected from different branches or releases). I could limit this to wolfSSL examples if you'd prefer not to have this feature in the ESP-IDF.

Thanks very much being receptive to including wolfSSL in the ESP-IDF.

@igrr
Copy link
Member

igrr commented Jun 13, 2024

Great! That looks like a promising alternative. I don't see any idf_component.yml in that component, nor the parent directory. Is there a way for the end user to adjust the version, or do you envision a component version being fixed to a given ESP-IDF release?

The user would add idf_component.yml at the application level (e.g. in main component) and specify the dependency and the version there.

Other components (such as esp-tls and esp_wifi) can then detect the presence of wolfSSL component and enable the corresponding implementations — as done now in esp-tls, except for updating the component name.

I still find the ability to point to a specific component version source code location to be a useful feature

This is still doable within the framework of the component manager. It allows specifying a dependency not only on a version published in the component registry, but also a branch or commit in a Git repository, or from a local directory: https://docs.espressif.com/projects/idf-component-manager/en/latest/reference/manifest_file.html#dependencies-from-local-directory (and the section below).

So I still don't see a strong need to introduce a Kconfig option for source code path, or handling of this option in CMake.

@gojimmypi
Copy link
Contributor Author

The user would add idf_component.yml at the application level (e.g. in main component)

AHA! I didn't understand the part about using idf_component_get_property in the ESP-IDF, in particular the wolfssl__wolfssl name of the managed component can be used instead of the esp-wolfssl repository name. Thanks for the link to the docs, I had not seen that.

I've confirmed by adding this line:

idf_component_get_property(wolfssl wolfssl__wolfssl COMPONENT_LIB)

... to the esp-tls/CMakeLists.txt like this:

if(CONFIG_ESP_TLS_USING_WOLFSSL)
    idf_component_get_property(wolfssl wolfssl__wolfssl COMPONENT_LIB)
    target_link_libraries(${COMPONENT_LIB} PUBLIC ${wolfssl})
endif()

... that indeed the ESP-IDF components can find the local project wolfssl Managed Component. That's a clever implementation! I like it!! I agree this is a considerably better way of implementing a 3rd party component in the ESP-IDF.

Reminder for future reference: The idf_component_get_property needs to be added after the idf_component_register(...).

In my esp-wifi-h example above, I was also able to resolve the compiler error with the same section of code idf_component_get_property()... in the respective CmakeLists.txt.

There's a bit more work required on my part. In particular the currently published managed component (the 5.7.0 release) unfortunately does not include the Kconfig file setting for TLS_STACK_WOLFSSL. Thus even when selecting wolfssl in the menuconfig, the setting quietly falls back to not using wolfSSL due to the Kconfig dependency.

I still don't see a strong need to introduce a Kconfig option for source code path, or handling of this option in CMake.

For the typical end user, you are probably right. But from a component developer's perspective of modification of the component and contributing to the upstream source repository... how would you see that working? The Managed Component is static, disconnected source code, no? This is probably not an important issue for the ESP-IDF, but I personally find it quite appealing while developing the component. In the case of wolfSSL, there are continual, daily changes.

@igrr - Thank you so much for your help. I'm glad I asked in advance! Stay tuned while I put together a PR and publish a fresh wolfssl managed component.

Best Regards,

Jim

@igrr
Copy link
Member

igrr commented Jun 13, 2024

But from a component developer's perspective of modification of the component and contributing to the upstream source repository... how would you see that working?

There is an additional property called override_path you can add in the manifest when specifying a dependency.

Here is an example: https://github.com/espressif/idf-extra-components/blob/46213e9adb3fd3e09829afdbcb287cd2e5e06ea7/catch2/examples/catch2-console/main/idf_component.yml#L4. This line tells the component manager that if it is able to find a catch2 directory at the specified location (in this case, 3 directory levels up), it should use that as the component location, instead of downloading the component from the registry.

This approach works in cases when examples are somewhere inside a repository with the managed component, like with this catch2 component. Developers can work on an example project, while making changes to the component outside of the example project. Nothing gets downloaded, you can simply change the component and recompile the example project.

When the component is uploaded to the registry, the registry automatically removes override_path from from all the manifests, so that if somebody downloads the same example/component from the registry, we don't end up looking at the non-existent override_path.

(I have tried to explain this and other things in my last year's talk (https://igrr.github.io/edc23/1, https://www.youtube.com/watch?v=D86gQ4knUnc), perhaps you could go through it again? I think it will answer some of your questions.)

@gojimmypi
Copy link
Contributor Author

There is an additional property called override_path you can add in the manifest when specifying a dependency.

Ah, I see. That's a good idea. I'd certainly rather follow the standards.

other things in my last year's talk

@igrr I had forgotten about the presentation! Thank you for the reminder. It is very helpful.

btw - It is an awesome presentation, particularly the companion https://igrr.github.io/edc23/1.

Thanks again for all your help & feedback.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Status: Opened Issue is new
Projects
None yet
Development

No branches or pull requests

3 participants