Skip to main content

CustomerInstanceOpsDashboard

CustomerInstanceOpsDashboard is the dashboard surface for checking whether a customer runtime is actually isolated, correctly bound, billable, and healthy.

It lives at:

web/typescript/valkyr_labs_com/src/components/CustomerInstanceOps/CustomerInstanceOpsDashboard.tsx

Component Contract

The component receives a CustomerInstanceOpsSnapshot from:

web/typescript/valkyr_labs_com/src/services/customerInstanceOps.ts

That service keeps the runtime view source-backed by platform APIs:

GET  /v1/runtime/isolation
POST /v1/thorapi/host-instances
GET  /v1/memoryentry/stats
GET  /v1/graymatter/stats
GET  /v1/contentdata/stats
GET  /v1/contentmedialink/stats
GET  /v1/principal/stats
GET  /v1/content-media-links/audit
GET  /v1/credits/me/balance/summary

/v1/runtime/isolation is the authority for customer runtime isolation. The dashboard does not infer tenant safety from deployment labels alone.

UX Behavior

  • Shows the active customer schema or tenant schema reported by runtime isolation metadata.
  • Shows whether the runtime is isolated or still using a shared/platform connection.
  • Shows database scope, application data-plane mode, application database name, application database host, runtime auth mode, runtime RBAC mode, deployment target, and deployment stage.
  • Warns when a managed app_database runtime reports a database name that does not match the server-derived appdb_<organization_uuid_without_dashes>_<application_id_prefix> contract.
  • Shows live JDBC catalog/schema alignment so app-database and tenant-schema mismatches are visible to operators.
  • Shows whether a managed credential reference is configured without exposing the credential reference value.
  • Shows the database privilege probe result, including whether forbidden platform or sibling tables are readable.
  • Shows customer credit health and hosted runtime endpoint/status.
  • Shows GrayMatter and RBAC entity counts for quick readiness triage.

Security Boundary

The dashboard is observational. It does not expose schema switching controls, database credential references, direct tenant table reads, generated DataWorkbook access to tenant isolation registry models, or raw runtime secrets.

Backend services remain responsible for:

  • resolving tenant schema and application data-plane binding metadata
  • deciding whether paid runtime isolation is ready
  • checking JDBC catalog/schema alignment
  • running the database privilege probe
  • hiding credential references and other sensitive placement details
  • enforcing tenant/schema/admin authorization

Tests

Focused coverage lives at:

src/components/CustomerInstanceOps/CustomerInstanceOpsDashboard.test.tsx
src/services/customerInstanceOps.test.ts

The tests verify tenant schema display, app-database placement display, managed app database naming warnings, runtime RBAC display, billing state, hosted runtime state, GrayMatter/RBAC counts, JDBC alignment messaging, and explicit warnings when the runtime can read forbidden platform or sibling tables.