# Cross-Language Smoke Matrix The cross-language smoke matrix defines the documented commands used to compare official clients against the same live gateway flow. It is a repository validation fixture and command reference; normal unit tests validate the matrix shape without connecting to a gateway. The matrix lives in `clients/proto/fixtures/smoke/cross-language-smoke-matrix.json`. ## Scope The matrix covers the supported client languages: - .NET - Go - Rust - Python - Java Each client entry defines commands for the same required operation sequence: 1. `open-session` 2. `register` 3. `add-item` 4. `advise` 5. `stream-events` 6. `close-session` The optional `write` command is documented separately because writing changes provider state and should only run when the operator supplies a safe test value. ## Integration Gate Cross-language smoke execution is opt-in. Runners should skip the matrix unless this variable is set: ```powershell $env:MXGATEWAY_INTEGRATION = "1" ``` The shared inputs are: | Variable | Default | Purpose | |----------|---------|---------| | `MXGATEWAY_ENDPOINT` | `localhost:5000` | Gateway endpoint used by client CLIs. | | `MXGATEWAY_API_KEY` | Empty | API key source for authenticated gateway deployments. | | `MXGATEWAY_TEST_ITEM` | `TestChildObject.TestInt` | MXAccess item used by `add-item`. | | `MXGATEWAY_TEST_WRITE_VALUE` | Empty | Enables the optional write step when set by a runner. | The commands in the matrix use `MXGATEWAY_API_KEY` through each CLI's `api-key-env` flag. They must not embed bearer tokens or raw API keys. ### TLS variant The matrix runs over plaintext (`h2c`) by default. A TLS variant exists but stays a manual/opt-in run, consistent with the gate above, because it needs the gateway started with an HTTPS endpoint (an `https://` `MXGATEWAY_ENDPOINT`) and each CLI switched to its TLS flag (`--tls` / `-tls` / `--plaintext=false` / `plaintext=False`). The clients are lenient by default and accept the gateway's auto-generated self-signed certificate without extra trust setup, except the Rust CLI, which is pin-only and needs `--ca-file` or `--require-certificate-validation` (and Python uses trust-on-first-use). See [Gateway Configuration — Automatic self-signed certificate](./GatewayConfiguration.md#automatic-self-signed-certificate) and each client README for the per-client TLS flags. ## JSON Comparison Every command in the matrix requests JSON output. A runner can compare the normalized smoke record across languages with these fields: - language, - operation, - session id, - server handle, - item handle, - event count, - event family, - worker sequence, - protocol status, - HRESULT, - status arrays, - close status. Failure output must include the client language, endpoint, and redacted auth context. Auth context identifies the source, such as `MXGATEWAY_API_KEY`, but does not include the secret value. ## Bundled Smoke Commands Each client also exposes a bundled `smoke` command. Those commands are useful for quick local checks, but the full cross-language matrix uses explicit operation commands because not every bundled smoke command streams events yet. The explicit sequence remains the parity baseline for issue-level validation. ## Validation Run the matrix shape tests after changing the smoke matrix: ```bash dotnet test src/ZB.MOM.WW.MxGateway.Tests/ZB.MOM.WW.MxGateway.Tests.csproj --filter FullyQualifiedName~CrossLanguageSmokeMatrixTests ``` Live execution remains a separate opt-in step because it depends on a running gateway, the installed MXAccess worker path, and provider state. ## Related Documentation - [Gateway Testing](./GatewayTesting.md) - [Client Libraries Detailed Design](./ClientLibrariesDesign.md) - [Client Proto Generation](./ClientProtoGeneration.md)