[esp32] Dynamically embed managed component server certificates (#12509)

Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: J. Nick Koston <nick@koston.org>
2025-12-17 17:26:56 -05:00
parent 91c504061b
commit 4ddaff4027
2 changed files with 12 additions and 9 deletions
--- a/esphome/components/esp32/init.py
+++ b/esphome/components/esp32/init.py
@@ -982,15 +982,6 @@ async def to_code(config):
        cg.add_platformio_option("framework", "arduino, espidf")
        cg.add_build_flag("-DUSE_ARDUINO")
        cg.add_build_flag("-DUSE_ESP32_FRAMEWORK_ARDUINO")
-        cg.add_platformio_option(
-            "board_build.embed_txtfiles",
-            [
-                "managed_components/espressif__esp_insights/server_certs/https_server.crt",
-                "managed_components/espressif__esp_rainmaker/server_certs/rmaker_mqtt_server.crt",
-                "managed_components/espressif__esp_rainmaker/server_certs/rmaker_claim_service_server.crt",
-                "managed_components/espressif__esp_rainmaker/server_certs/rmaker_ota_server.crt",
-            ],
-        )
        cg.add_define(
            "USE_ARDUINO_VERSION_CODE",
            cg.RawExpression(
--- a/esphome/components/esp32/post_build.py.script
+++ b/esphome/components/esp32/post_build.py.script
@@ -5,6 +5,7 @@ import json  # noqa: E402
 import os  # noqa: E402
 import pathlib  # noqa: E402
 import shutil  # noqa: E402
+from glob import glob  # noqa: E402


 def merge_factory_bin(source, target, env):
@@ -126,3 +127,14 @@ def esp32_copy_ota_bin(source, target, env):
 # Run merge first, then ota copy second
 env.AddPostAction("$BUILD_DIR/${PROGNAME}.bin", merge_factory_bin)  # noqa: F821
 env.AddPostAction("$BUILD_DIR/${PROGNAME}.bin", esp32_copy_ota_bin)  # noqa: F821
+
+# Find server certificates in managed components and generate .S files.
+# Workaround for PlatformIO not processing target_add_binary_data() from managed component CMakeLists.
+project_dir = env.subst("$PROJECT_DIR")
+managed_components = os.path.join(project_dir, "managed_components")
+if os.path.isdir(managed_components):
+    for cert_file in glob(os.path.join(managed_components, "**/server_certs/*.crt"), recursive=True):
+        try:
+            env.FileToAsm(cert_file, FILE_TYPE="TEXT")
+        except Exception as e:
+            print(f"Error processing {os.path.basename(cert_file)}: {e}")