Create initial Tanuki bot api endpoint

What does this MR do and why?

Related https://gitlab.com/gitlab-org/enablement-section/tanuki-bot/-/issues/2

Creates an API endpoint that receives and responds with json:

• POST /-/llm/tanuki_bot/ask
• { "q": "What is advanced search?" }

This is part of a series of MRs and should be reviewed and merged in this order

MR	status
Add support for the embedding database (!118156 - merged) (db setup)	merged
Add the tanuki_bot model (!118195 - merged) (migration)	merged
Create initial Tanuki bot api endpoint (!117695 - merged) (api)	in review

Screenshots or screen recordings

How to set up and validate locally

1. Feature.enable(:openai_experimentation)
2. Feature.enable(:tanuki_bot)
3. ::Gitlab::CurrentSettings.update!(openai_api_key: '<YOUR_KEY>')
4. Follow instructions for settings up the MR dependency: Add support for the embedding database (!118156 - merged)
5. Run migrations:

   rails db:migrate

6. * Clone the tanuki-bot repository
7. * cd into the pgvector folder
8. * use asdf to install python (should be python 3.11.3)

   asdf install python

9. * install pip
10. * install requirements

    pip install -r requirements.txt

11. * run the command to copy the chroma db to the gdk postgres database

    OPENAI_API_KEY=not-an-actual-key PG_USER=<Your user> PG_HOST=<Your gdk install directory>/postgresql python chroma_to_pg.py

12. Make an API request to POST /-/llm/tanuki_bot/ask

* you only need to do this once to have data in the embedding database.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.

ee/app/controllers/llm/tanuki_bot_controller.rb

@@ -2,18 +2,12 @@
 
 module Llm
   class TanukiBotController < ApplicationController
-    # TODO - ignore non json requests, maybe need to do this in routes config with constraints
-
-    # ActionController::InvalidAuthenticityToken
-    # check with frontend to see if we need this
     skip_before_action :verify_authenticity_token
 
     wrap_parameters format: []
     feature_category :global_search
 
     def ask
-      # setting content-type to application/xml or html throws an error in the service
-      # the respond_to isn't working the way we expect and needs to be fixed
       respond_to do |format|
         format.json { render json: service.execute, status: :ok }
         format.any { head :bad_request }
@@ -22,12 +16,8 @@ def ask
 
     private
 
-    def permitted_params
-      params.permit(:q)
-    end
-
     def service
-      ::Gitlab::Llm::TanukiBot.new(current_user: current_user, question: permitted_params[:q])
+      ::Gitlab::Llm::TanukiBot.new(current_user: current_user, question: params.require(:q))
     end
   end
 end