cat1: mixed-server (2.7) + whoami per-user execution proof (2.4) PASS via tunnel-registered ref server
This commit is contained in:
@@ -56,3 +56,27 @@ removed since first probe: ['Brightdata_ScrapeAsMarkdown']
|
||||
metadata). Corollary: the edit did **not** propagate while unsaved (draft); it appeared only after
|
||||
**Save** — correct/expected, not a defect. Propagation was effectively immediate (next poll).
|
||||
|
||||
## Mixed prebuilt + custom + whoami execution proof (2.7, 2.4) — full self-hosted chain
|
||||
Registered the reference server (`arcade-mcp`, toolkit `ArcadeEvalRef`) as a **self-hosted Arcade
|
||||
server** via a Cloudflare tunnel (dashboard Add Server → **Arcade** type; URI = trycloudflare URL,
|
||||
Secret = `ARCADE_WORKER_SECRET`), then added Echo/Add/Whoami to `zeb-gateway-test`. (`arcade deploy`
|
||||
hosted is cloud-only — see LIVE-POC finding — so the register path is used.)
|
||||
|
||||
Gateway lists **10 tools in one flat list — prebuilt + custom coexist**:
|
||||
```
|
||||
prebuilt (7): GoogleDocs x4, Slack x2, Youtube x1 (Arcade-cloud `main`)
|
||||
custom (3): ArcadeEvalRef_Add, _Echo, _Whoami (our self-hosted server, via tunnel)
|
||||
```
|
||||
Invocation (full chain client -> gateway -> Engine -> Cloudflare tunnel -> local server):
|
||||
```
|
||||
ArcadeEvalRef_Echo(text="hello-from-A") as A -> "hello-from-A" (isError: False)
|
||||
```
|
||||
**Per-user EXECUTION proof (whoami):**
|
||||
```
|
||||
whoami as A (user-a@servicetitan.com) -> "user-a@servicetitan.com"
|
||||
whoami as B (user-b@servicetitan.com) -> "user-b@servicetitan.com"
|
||||
```
|
||||
Each caller's `Arcade-User-ID` is injected into `context.user_id` and returned — the tool provably
|
||||
executes as the calling user (distinct identity per caller, no shared/service identity). Also
|
||||
validates **cat-9 Stage-2** (full tunnel-registration chain) end-to-end.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user