284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Integration Tests / Check for relevant changes (push) Waiting to run
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Mobile checks / Mobile unit tests (push) Waiting to run
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Temporal Readiness / fast-readiness (push) Waiting to run
Temporal Readiness / docker-parity (push) Waiting to run
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Unit Tests / Skipped-test budget (push) Waiting to run
Unit Tests / Nx affected unit tests (push) Waiting to run
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz Source: /opt/alga-psa on psa.joliet.tech
Service Proxy Demo Extension
This sample demonstrates a full extension (Server Component + Iframe UI) that uses the Service Proxy pattern.
- Server Component: Retrieves an API key from the Runner secrets store and calls the Alga PSA Tickets API via the Runner's HTTP capability.
- Iframe UI: Exposes the ticket data through the UI proxy capability without ever leaking the API key to the browser.
How it works
- The component expects the Runner to inject a secret named
ALGA_API_KEY. - The install's config can optionally define
algaApiBaseto override the API base URL (defaults tohttps://api.alga-psa.local). - When the component receives an HTTP request under
/dynamic/tickets, it fetches tickets directly from the Alga API and returns JSON to the gateway. - When the iframe UI calls
callProxyJson(uiProxy, '/tickets/list', { limit: 10 }), the Runner forwards the request to the same component via the UI proxy channel. The component repeats the fetch server-side and returns JSON to the iframe. The iframe only ever sees the response payload, never the API key.
See tests/handler.test.ts for mocked end-to-end coverage.
Building and Testing
npm install
npm test
npm run build
The npm run build command will:
- Transpile the TypeScript handler to JavaScript.
- Componentize the JavaScript into a WASM component (
dist/component.wasm) usingjco. - Prepare the metadata for the extension.
Project Structure
src/- Server-side component logic (SDK-based).ui/- Client-side iframe UI.wit/- WIT definitions for the runner interface.manifest.json- Extension manifest.