Skip to content

Check that Code Suggestions is within License for SM

Aleksei Lipniagov requested to merge 420051-check-code-sugg-license-feature-in-rules into master

What does this MR do and why?

Resolves #420051 (closed)

We must add a license check (::License.feature_available?(:code_suggestions)) into our policies/rules.

This way, we enforce that only the Licensed EE instance (EE Premium/Ultimate) have an access to Code Suggestions.
PM's (Roger's) confirmation in Slack: https://gitlab.slack.com/archives/C04KWTK3GFJ/p1690493214691099?thread_ts=1690471296.130199&cid=C04KWTK3GFJ

Also, it is necessary to guard any EE feature according to our EE/CE separation guide: https://docs.gitlab.com/ee/development/ee_features.html#guard-your-ee-feature

How to set up and validate locally

The manual test is straightforward but could take some time (many little steps).

Check as licensed EE instance

  1. Make sure you have a license on your GDK
  2. Check the "Enable Code Suggestions for this instance" toggle. You could refer to !127987 (merged) for screenshots. You could double check in rails console: ::Gitlab::CurrentSettings.reload.instance_level_code_suggestions_enabled (should be true)
  3. The flow in !125563 (merged) will work as described

Check as CE

Refer to https://docs.gitlab.com/ee/development/ee_features.html#simulate-a-ce-instance-with-a-licensed-gdk

  1. Create an env.runit file in the root of your GDK with the line: export FOSS_ONLY=1
  2. Then restart the GDK: gdk restart rails && gdk restart webpack. Now we simulate CE (or EE Free, that is the same)
  3. The flow in !125563 (merged) will return {"message":"401 Unauthorized"}%

Technically, for CE you will not see Code Suggestions section in App Settings. But for the sake for the test, let's assume it was enabled already. We have this case: EE Free users who applied for Code Suggestions Beta. These users could have instance_level_code_suggestions_enabled set as true in their DB, but with this rule, we wouldn't allow them to access it, even with PAT.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #420051 (closed)

Edited by Aleksei Lipniagov

Merge request reports