docs(energy): document local control pairing#78
Merged
Conversation
added 8 commits
July 13, 2026 09:34
The RSA key pairing (Tesla.get_rsa_private_key, EnergySite.add_authorized_client) and EnergySiteRouter composition with aiopowerwall's local signed transport were fully shipped but undocumented, which led a recent capability audit to mischaracterize the surface as dormant. Adds docs/energy_local_control.md covering the end-to-end flow and cross-links it from the README and the existing energy sites doc.
Polling the cloud list_authorized_clients endpoint alone is unreliable (Tesla currently returns a bare-null-200 body there, and that may recur). Make the primary verification method attempting a signed local read through aiopowerwall (retried with backoff, since PowerwallAuthenticationError before verification is expected) and demote the cloud poll to a secondary, best-effort check.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Intent
Amend PR 78 per captain direction: rework the pairing-verification guidance in docs/energy_local_control.md. Polling the cloud list_authorized_clients/find_authorized_clients endpoint can no longer be the primary verification method, since Tesla currently returns a bare-null-200 body on that endpoint and this may recur. Made the primary verification method: attempt a signed local read through aiopowerwall (using live_status(), since get_system_info()/get_status() are NotImplementedError placeholders on PowerwallEnergySite and would prove nothing) in a retry loop with exponential backoff, treating aiopowerwall.PowerwallAuthenticationError as expected/not-yet-verified rather than an error, and treating a successful signed read as proof the key is VERIFIED. Demoted the cloud list_authorized_clients/find_authorized_clients poll to a secondary, best-effort check with an explicit warning that it must never override a signed local read's result. This required reordering the doc's steps slightly (register -> hand off to aiopowerwall -> verify by using it -> compose with EnergySiteRouter) since verification-by-use needs the aiopowerwall client to already exist; everything else in the PR (intro, warning box about island-mode actuation, See Also section) is unchanged. Docs-only change, no behavior changes.
What Changed
EnergySiteRoutercomposition with Teslemetry fallback.Risk Assessment
✅ Low: The changes are documentation/docstring-only, tightly scoped to energy local-control pairing guidance, and the previously reported stale verification guidance has been corrected.
Testing
Exercised the focused authorized-client parser and EnergySiteRouter behavior, produced reviewer-visible rendered HTML evidence for the docs flow, then ran the full pytest suite; all checks passed and transient pytest caches were removed.
Evidence: Rendered energy local-control documentation evidence
Pipeline
Updates from git push no-mistakes
✅ **intent** - passed
✅ No issues found.
✅ **Rebase** - passed
✅ No issues found.
🔧 **Review** - 1 issue found → auto-fixed ✅
tesla_fleet_api/tesla/energysite.py:127- This docstring still tells callers to polllist_authorized_clientsforVERIFIED, which contradicts the new local-control guidance that cloud polling is only secondary/best-effort because the endpoint can return barenull. Update this to point callers at signed local-read verification, or at least qualify cloud polling as non-authoritative.🔧 Fix: Align energy pairing verification docs
✅ Re-checked - no issues remain.
✅ **Test** - passed
✅ No issues found.
uv run pytest tests/test_teslemetry_authorized_clients.py tests/test_router.py::EnergySiteRouterTestsGenerated/tmp/no-mistakes-evidence/01KXCCGMKSM7AHK3F5HK9GSQ8N/energy-local-control-rendered.htmlfromdocs/energy_local_control.mdand checked the revised verification guidance/order in the rendered artifact.uv run pytest tests✅ **Document** - passed
✅ No issues found.
✅ **Lint** - passed
✅ No issues found.
✅ **Push** - passed
✅ No issues found.