chore(esphome): parameterize OTA password (preserve current default)

[Tycorc]

Version: 26.3.2.1

What does this implement/fix?

Promotes the hardcoded password: "apolloautomation" literal in AIR-1.yaml and AIR-1_BLE.yaml to a ${ota_password} substitution defined in Core.yaml, with the existing literal kept as the default. No behavior change for anyone who doesn't override.

Why

Every Apollo AIR-1 currently boots with the same fleet-wide OTA password (the literal was introduced in #34 to fix OTA upgrade failures from #20 / #27 — that fix is preserved here, just made overridable). Consumers who include this YAML via ESPHome packages: cannot override the password from their device file because:

• ESPHome packages extend list-valued keys, so adding a second ota: - platform: esphome block in the consumer file produces a duplicate-platform validation error.
• ota: !remove removes the package's contribution, but YAML disallows two top-level ota: keys, so the consumer can't redeclare in the same document.
• The current upstream YAML doesn't expose the password as a substitution.

The only existing workaround is to fork or vendor a local copy of this file — neither of which keeps the upstream package_import_url flow working.

The newer Apollo product configs (MSR-2, MTR-1, PWR-1, TEMP-1, PLT-1, BTN-1, RLY-1, H-1, H-2, PUMP-1) all have ota: blocks but no hardcoded password literal — only AIR-1 and MSR-1 still ship with one. A sibling PR has been opened against MSR-1 with the same change.

What changes

# Core.yaml
substitutions:
  name: apollo-air-1
  version: "26.3.2.1"
  device_description: ${name} made by Apollo Automation - version ${version}.
  # Default OTA password. Override in your device YAML by re-declaring
  # `substitutions: { ota_password: !secret <name>_ota_password }` so each
  # device on your network uses a unique secret instead of the shared default.
  ota_password: "apolloautomation"

# AIR-1.yaml + AIR-1_BLE.yaml
ota:
  - platform: esphome
    id: ota_esphome
    password: ${ota_password}

Override pattern (consumer device YAML)

substitutions:
  ota_password: !secret living_room_air_1_ota_password

packages:
  ApolloAutomation.AIR-1: github://ApolloAutomation/AIR-1/Integrations/ESPHome/AIR-1.yaml

Backwards compat

100% — devices that don't set ota_password get the same "apolloautomation" literal as before. Existing consumers, CI builds, and OTA flow unchanged.

Types of changes

• Bugfix (fixed change that fixes an issue)
• New feature (thanks!)
• Breaking change (repair/feature that breaks existing functionality)
• Dependency Update - Does not publish
• Other - Does not publish
• Website of github readme file update - Does not publish
• Github workflows - Does not publish

Checklist / Checklijst:

• The code change has been tested and works locally
• The code change has not yet been tested

If user-visible functionality or configuration variables are added/modified:

• Added/updated documentation for the web page

[coderabbitai]

Warning

Rate limit exceeded

@Tycorc has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 59 minutes and 14 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: e0030a80-2f68-4cf3-ada1-4f69e91bf42d

📥 Commits

Reviewing files that changed from the base of the PR and between 20cc32c and b964bc5.

📒 Files selected for processing (3)

• Integrations/ESPHome/AIR-1.yaml
• Integrations/ESPHome/AIR-1_BLE.yaml
• Integrations/ESPHome/Core.yaml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}