GitLab Duo MR Reviews Authentication Error with Self-Hosted Models
Summary
GitLab Duo Merge Request reviews fail with authentication errors when using self-hosted models (Azure GPT-4). The error indicates the system is attempting to use Claude Sonnet 4 instead of the configured Azure GPT-4 model, resulting in a TypeError due to missing authentication credentials for Claude.
Steps to reproduce
- Configure GitLab Self-Managed 18.4 with AI Gateway 18.4 using Helm Chart
- Set up self-hosted model using Azure GPT-4 (azure/gpt-4) via the GUI configuration
- Attempt to perform a Merge Request review using GitLab Duo
- Observe authentication error in AI Gateway logs
Example Project
Not applicable - this is a configuration/infrastructure issue affecting GitLab Duo MR Reviews feature with self-hosted models.
What is the current bug behavior?
- Duo MR Reviews fails with TypeError: "Could not resolve authentication method. Expected either api_key or auth_token to be set"
- Logs show the system is using
claude-sonnet-4-20250514instead of the configuredazure/gpt-4model
What is the expected correct behavior?
- Duo MR Reviews should use the configured self-hosted model (Azure GPT-4)
- The correct GPT-based prompt should be selected and executed
Relevant logs and/or screenshots
Error from llm.log:
{"status_code": null, "exception_class": "TypeError", "backtrace": "Traceback (most recent call last):\n...\nTypeError: \"Could not resolve authentication method. Expected either api_key or auth_token to be set. Or for one of the `X-Api-Key` or `Authorization` headers to be explicitly omitted\"\n", "correlation_id": "01K6B8V2NG4HRVC3CN3PS003C9", "extra": {"model_engine": "anthropic-chat", "model_name": "claude-sonnet-4-20250514"}, "logger": "exceptions", "level": "error", "type": "mlops", "stage": "main", "timestamp": "2025-09-29T17:38:03.842919Z", "message": "\"Could not resolve authentication method. Expected either api_key or auth_token to be set. Or for one of the `X-Api-Key` or `Authorization` headers to be explicitly omtted\""}Prompt selection log:
{"prompt_id": "review_merge_request", "prompt_name": "Claude 4.0 Review Merge Request", "prompt_version": "1.3.0", "model_identifier": null, "gitlab_feature_enabled_by_namespace_ids": null, "correlation_id": "01K6B8V2NG4HRVC3CN3PS003C9", "logger": "prompts", "level": "info", "type": "mlops", "stage": "main", "timestamp": "2025-09-29T17:38:03.800487Z", "message": "Returning prompt from the registry"}Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: \`sudo gitlab-rake gitlab:env:info\`) (For installations from source run and paste the output of: \`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production\`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:check SANITIZE=true`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`) (we will only investigate if the tests are passing)
Possible fixes
Patch release information for backports
If the bug fix needs to be backported in a patch release to a version under the maintenance policy, please follow the steps on the patch release runbook for GitLab engineers.
Refer to the internal "Release Information" dashboard for information about the next patch release, including the targeted versions, expected release date, and current status.
High-severity bug remediation
To remediate high-severity issues requiring an internal release for single-tenant SaaS instances, refer to the internal release process for engineers.