Skip to content

[ADR] Graceful Device Initialization Failure Handling #230

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

[ADR] Graceful Device Initialization Failure Handling #230

wants to merge 5 commits into from

Conversation

nateinaction
Copy link
Member

Summary

This pull request introduces a new Architectural Decision Record (ADR) for handling safe device failures on the satellite. The ADR proposes patterns to replace the now removed hardware dictionary that used to track device initialization state.

@nateinaction nateinaction requested review from Mikefly123 and a team April 12, 2025 02:18
@nateinaction nateinaction changed the title [ADR] Safe Device Failure [ADR] Graceful Device Initialization Failure Handling Apr 12, 2025
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@Mikefly123 Mikefly123 added the ADR Architectural Decision Record label Apr 13, 2025
@Mikefly123
Copy link
Member

Hey @nateinaction! Thanks for putting this together and this is a great way to document decision points going forward. I added a tag that can be used for these kinds of issues so we can go back to them in the future easily.

After spending some time thinking about the two options, I think Option #2 would be preferable to try and maintain the highest level of code safety without putting too much of a burden on the end user. Especially because the expectation is that this codebase will primarily be used by beginner software teams with very limited resources, creating a system where it is unlikely or impossible that downstream function calls might become an unhandled exception minefield feels like it should be a top priority.

In my mind one of the other potential benefits of going with the second option is making it easier to implement a "Circuit Breaker Pattern" type of thing to allow downstream services to still call into something which has built in functionality to try and restore the connection to the downstream sensor over time.

@Mikefly123 Mikefly123 mentioned this pull request Jul 2, 2025
Closed
3 tasks
nateinaction
nateinaction commented Jul 3, 2025
View reviewed changes
adr/graceful-device-initialization-failure-handling.md

### Pattern 1: Generic Device Protocol with `get_state()`

We propose to add a `get_state()` method to the generic device protocol. This method will return 1 of 3 possible states: `unknown`, `initialized`, or `failed` allowing downstream services to check the state of a device before attempting to use it.
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
We propose to add a `get_state()` method to the generic device protocol. This method will return 1 of 3 possible states: `unknown`, `initialized`, or `failed` allowing downstream services to check the state of a device before attempting to use it.
We propose to add a `get_state()` method to the generic device protocol. This method will return 1 of 3 possible states: `disabled`, `enabled`, or `failed` allowing downstream services to check the state of a device before attempting to use it.

@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Oct 1, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mikefly123 Mikefly123 Awaiting requested review from Mikefly123

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
ADR Architectural Decision Record
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nateinaction @Mikefly123 @ineskhou