Sharang Parnerkar
079f913024
CI / Check (pull_request) Successful in 8m18s
CI / Detect Changes (pull_request) Has been skipped
CI / Deploy Agent (pull_request) Has been skipped
CI / Deploy Dashboard (pull_request) Has been skipped
CI / Deploy Docs (pull_request) Has been skipped
CI / Deploy MCP (pull_request) Has been skipped
A minimal Axum binary that mounts compliance-core's M7.1 middleware on three endpoints (public health, protected GET echo, protected POST echo) so we can prove the tenant-gating contract end-to-end against a live KC before any auth-path PR merges. scripts/smoke.sh drives the binary against the five test users defined in the certifai realm (admin/user → active, trial/frozen/archived) and asserts the exact response code per (user × method × endpoint). Run it once before touching auth, tenant_status, or org_roles code. Validated locally — 15/15 assertions pass: * anon/bogus → 401 on protected, 200 on /health * active/trial → 200 on read + write * frozen → 200 read, 402 write (read-after-cancel gate) * archived → 410 read + 410 write (retention window closed) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>