deCONZ: Fix discovery script [3]

[mattreim]

Unfortunately the discovery script never worked because the path was incorrect. I also improved it a bit and added more log data.

Error: unable to open database "/data/.local/share/dresden-elektronik/deCONZ/zll.db": unable to open database file

Summary by CodeRabbit

• Bug Fixes

  • Improved discovery reliability: automatically locate or create/validate the API key, retry bridge ID resolution with robust retries and clear success/failure handling, and avoid proceeding when required discovery data is missing.
  • Enhanced status and log messages for clearer feedback during discovery.

• Documentation

  • Updated changelog with 8.5.0 (discovery fix) and refreshed entries for 8.4.0 and 8.3.0, including version notes, UI updates, and translation improvements.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds changelog entries through 8.5.0 and updates addon version. Reworks the deCONZ discovery script to read API keys from DB (primary/fallback), validate or create keys via the deCONZ API with retries, poll for a valid bridge ID (serial), and send discovery payloads to Home Assistant with updated logging and exit behavior.

Changes

Cohort / File(s)	Summary
Documentation (Changelog) deconz/CHANGELOG.md	Adds version 8.5.0 entry ("Fix discovery script"), updates 8.4.0 and 8.3.0 notes, and preserves earlier changelog sections.
Discovery Flow Refactor deconz/rootfs/etc/services.d/deconz/discovery	Replaces fixed DATA_STORE lookup with primary/fallback DB reads; validates existing API key via GET; if absent/invalid, repeatedly POSTs to create a key (up to 60 attempts); polls for bridge ID (validates 16-hex serial, retries ~25 times); constructs discovery payload including port/api key/serial; improves logging and exits gracefully on unrecoverable states.
Metadata bump deconz/config.yaml	Bumps addon version from 8.2.0 to 8.5.0 (metadata only).

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant S as Discovery Script
  participant DB as deCONZ DB (primary / fallback)
  participant A as deCONZ API
  participant HA as Home Assistant

  Note over S: Start discovery script

  S->>DB: Read API key (primary)
  alt not found
    S->>DB: Read API key (fallback)
  end

  alt API key present
    S->>A: GET /api/<key>/config (validate key)
    alt valid
      Note over S,A: Use existing key
    else invalid
      Note over S,A: Treat as missing -> create
      loop up to 60 tries (1s)
        S->>A: POST /api (create key)
        A-->>S: response (apikey) or error
      end
    end
  else no key
    loop up to 60 tries (1s)
      S->>A: POST /api (create key)
      A-->>S: response (apikey) or error
    end
  end

  loop up to ~25 tries (5s)
    S->>A: GET /api/<key>/config (fetch bridgeid)
    A-->>S: bridgeid or error
  end

  alt bridgeid valid (16-hex)
    S->>HA: POST discovery payload {port, apikey, serial}
    HA-->>S: success / failure
    alt success
      Note over S: Successfully sent discovery information
    else failure
      Note over S: Failed to send discovery message
    end
  else no valid bridgeid
    Note over S: Exit with error (no serial)
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.
Title Check	✅ Passed	The pull request title succinctly describes the primary change of fixing the deCONZ discovery script and is directly related to the main modifications in this changeset without including unnecessary details.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (5)

deconz/rootfs/etc/services.d/deconz/discovery (5)

23-31: Clarify log message when DB is missing

The script still attempts API-key creation and serial retrieval via API. “Proceeding without serial” is misleading here.

Apply:

-        bashio::log.error "No database found in either path! Proceeding without serial."
+        bashio::log.error "No database found in either path! Will attempt API key creation and serial via API."

---

34-38: Guard sqlite3 usage to avoid noisy errors

If sqlite3 is absent, skip DB read and fall back to API creation cleanly.

-if [ -n "$DATA_STORE" ]; then
-    api_key=$(sqlite3 "${DATA_STORE}" \
-        'SELECT apikey FROM auth WHERE devicetype="Home Assistant" ORDER BY createdate DESC LIMIT 1' 2>/dev/null)
-fi
+if [ -n "$DATA_STORE" ] && command -v sqlite3 >/dev/null 2>&1; then
+    api_key=$(sqlite3 "${DATA_STORE}" \
+        'SELECT apikey FROM auth WHERE devicetype="Home Assistant" ORDER BY createdate DESC LIMIT 1' 2>/dev/null) || true
+else
+    bashio::log.debug "Skipping database read (no DATA_STORE or sqlite3 not available)."
+fi

---

40-51: Add curl timeouts when validating existing API key

Prevents hangs if local API is slow/unresponsive.

-    http_code=$(curl -s -o /dev/null -w "%{http_code}" \
+    http_code=$(curl --silent --connect-timeout 2 --max-time 5 -o /dev/null -w "%{http_code}" \
         "http://127.0.0.1:40850/api/${api_key}/config")

---

52-71: Harden API key creation loop (timeouts) and surface error context

Avoid indefinite waits and improve diagnostics.

-        if result="$(curl --silent --show-error --request POST \
+        if result="$(curl --silent --show-error --connect-timeout 2 --max-time 5 --request POST \
             -d '{"devicetype": "Home Assistant"}' \
             "http://127.0.0.1:40850/api")"; then
             api_key="$(bashio::jq "${result}" '.[0].success.username')"
             if bashio::var.has_value "${api_key}"; then
                 bashio::log.info "API key successfully created after ${i} seconds."
                 break
             fi
+            # Log error description if provided by deCONZ
+            err_desc="$(bashio::jq "${result}" '.[0].error.description')"
+            if bashio::var.has_value "${err_desc}"; then
+                bashio::log.debug "API key create attempt ${i} response: ${err_desc}"
+            fi
         fi

---

73-89: Try fetching bridge ID immediately; add curl timeouts

Reduces time-to-success and avoids hangs.

-while [[ "${serial}" = "0000000000000000" && "${retries}" -gt 0 ]]; do
-    sleep 5
-    if result="$(curl --silent --show-error \
+while [[ "${serial}" = "0000000000000000" && "${retries}" -gt 0 ]]; do
+    if result="$(curl --silent --show-error --connect-timeout 2 --max-time 5 \
         --request GET "http://127.0.0.1:40850/api/${api_key}/config")"; then
         candidate="$(bashio::jq "${result}" '.bridgeid')"
         if [[ "$candidate" =~ ^[0-9A-Fa-f]{16}$ ]]; then
             serial="$candidate"
         else
             serial="0000000000000000"
         fi
     fi
     ((retries--))
+    if [[ "${serial}" = "0000000000000000" && "${retries}" -gt 0 ]]; then
+        sleep 5
+    fi
 done

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between 7c135d4 and f7251b6.

📒 Files selected for processing (2)

• deconz/CHANGELOG.md (1 hunks)
• deconz/rootfs/etc/services.d/deconz/discovery (3 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

*/**(html|markdown|md)

⚙️ CodeRabbit configuration file

*/**(html|markdown|md): - For instructional content in documentation, use a direct and authoritative tone. Avoid expressions of politeness such as 'may' or 'please', and ensure the goal of the instruction is fronted.

• Apply the Microsoft Style Guide to ensure documentation maintains clarity and conciseness.
• In step-by-step instructions, front the location phrase in the instructional sentence.
• In step-by-step instructions, front the 'goal' in the instructional sentence.
• In step-by-step instructions, if in doubt what to front, front the 'goal' before the location phrase in the instructional sentence.
• do not hyphenate terms like 'top-right' or 'bottom-left' with 'corner'

*/**(html|markdown|md): - Use bold to mark UI strings.

• If "" are used to mark UI strings, replace them by bold.

• Be brief in your replies and don't add fluff like "thank you for..." and "Please let me know if"

• Use sentence-style capitalization also in headings.

do not comment on HTML used for icons

Avoid flagging inline HTML for embedding videos in future reviews for this repository.

Files:

• deconz/CHANGELOG.md

🔇 Additional comments (3)

deconz/CHANGELOG.md (1)

3-6: Changelog entry looks good

Version section and note are clear and consistent with prior entries.

deconz/rootfs/etc/services.d/deconz/discovery (2)

12-12: Good: explicit start log

Helpful for tracing startup.

---

103-108: Success/error logs on discovery send look good

Clear operator feedback on outcome.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

deconz/rootfs/etc/services.d/deconz/discovery (1)

73-88: Move sleep to end of loop for faster first attempt.

The sleep 5 at line 77 executes before the first attempt, causing an unnecessary 5-second delay. Moving it to the end of the loop will make the first attempt immediate while still maintaining the 5-second interval between retries.

Apply this diff:

-retries=25
-serial="0000000000000000"
-while [[ "${serial}" = "0000000000000000" && "${retries}" -gt 0 ]]; do
-    sleep 5
-    if result="$(curl --silent --show-error \
-        --request GET "http://127.0.0.1:40850/api/${api_key}/config")"; then
-        candidate="$(bashio::jq "${result}" '.bridgeid')"
-        if [[ "$candidate" =~ ^[0-9A-Fa-f]{16}$ ]]; then
-            serial="$candidate"
-        else
-            serial="0000000000000000"
-        fi
-    fi
+retries=25
+serial="0000000000000000"
+while [[ "${serial}" = "0000000000000000" && "${retries}" -gt 0 ]]; do
+    if result="$(curl --silent --show-error \
+        --request GET "http://127.0.0.1:40850/api/${api_key}/config")"; then
+        candidate="$(bashio::jq "${result}" '.bridgeid')"
+        if [[ "$candidate" =~ ^[0-9A-Fa-f]{16}$ ]]; then
+            serial="$candidate"
+        else
+            serial="0000000000000000"
+        fi
+    fi
     ((retries--))
+    [[ "${serial}" = "0000000000000000" && "${retries}" -gt 0 ]] && sleep 5
 done

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to data retention organization setting

📥 Commits

Reviewing files that changed from the base of the PR and between f7251b6 and 626ca1b.

📒 Files selected for processing (2)

• deconz/config.yaml (1 hunks)
• deconz/rootfs/etc/services.d/deconz/discovery (3 hunks)

✅ Files skipped from review due to trivial changes (1)

• deconz/config.yaml

🔇 Additional comments (6)

deconz/rootfs/etc/services.d/deconz/discovery (6)

12-13: LGTM!

Good addition for observability. The start log helps track when the discovery process begins.

---

23-32: LGTM!

The fallback logic correctly addresses the database path issue mentioned in the PR. The graceful degradation (proceeding without serial if no database is found) prevents the service from failing.

---

34-50: LGTM!

The API key validation logic is well-implemented. Reading from the database when available and validating via HTTP before use is good defensive programming.

---

52-71: LGTM!

The API key creation loop is well-structured with appropriate retry logic. The 60-second window gives users time to unlock the gateway, and the non-fatal exit prevents service flapping.

---

90-93: LGTM! Past review comment addressed.

The non-fatal exit (status 0) prevents s6 service restarts when the bridge ID cannot be retrieved, which was correctly identified in the previous review.

---

105-107: LGTM!

The updated log messages provide clearer feedback on the discovery process outcome, improving observability.

[mattreim]

I encountered a problem: If the discovery script works, all users with the integration should switch to the "Home Assistant" API key. This will fix the internal communication and this issue. I'm not entirely sure whether the "pydeconz" API key needs to be deleted first, but I've already thought of a workaround for that.

The DOCS.md could be extended with this.

My deCONZ integration can no longer be activated

If this issue occurs, first remove the integration and check the API keys used in the Phoscon App. Go to Help -> API -> Information -> Configuration and scroll to "Whitelist". Here, only the "Home Assistant" API key is required for Home Assistant, not "pydeconz". To do this, install "Advanced SSH & Web Terminal" in Home Assistant, for example, and send the following expression to the API to remove the key. After a subsequent system restart, you can reinstall the deCONZ integration.

• (API) Port: 40850
• apikey: Home Assistant API key
• apikey2: API Key to remove

curl --request DELETE "http://127.0.0.1:<(API) Port>/api/<apikey>/config/whitelist/<apikey2>"