Resolve Vulnerability prompt migration to AIGW

Darby Freyrequested to merge
vr-aigw-migration into master

What does this MR do and why?

This MR is a restart of Add AIGW completion migration for Resolve Vulne... (!170867 - closed) and part of #482070 (closed). This MR adds the Gitlab::Llm::AiGateway::Completions::ResolveVulnerability completion, which moves the prompt to the AI Gateway (see feat: add prompt for resolve_vulnerability (gitlab-org/modelops/applied-ml/code-suggestions/ai-assist!1334 - merged)).

The changes in this MR are activated by the prompt_migration_resolve_vulnerability feature flag.

This MR was originally started in Add AIGW service class for resolve_vulnerability (!165884 - closed), which was split up into this MR and Extracts Resolve Vulnerability completion helpers (!170475 - merged)

Much of the change in this MR is related to extracting the completion tests to a shared context, which both implementations can use to ensure no regressions while maintaining both code paths.

References

Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

  1. Setup - If needed, follow the instructions in this MR to set up Resolve Vulnerability with AI in the GDK - https://handbook.gitlab.com/handbook/engineering/development/sec/govern/threat-insights/ve_vr_setup/

  2. First, ensure the original completion works by ensuring the prompt_migration_resolve_vulnerability feature flag is disabled.

    1. Tail the AI Gateway logs with gdk tail gitlab-ai-gateway.
    2. Test Resolve Vulnerability for any supported CWE listed in a project's vulnerability report.
    3. In the AI Gateway logs, the path of the request in the logs should be path=/v1/proxy/anthropic/v1/messages if the prompt_migration_resolve_vulnerability feature flag is disabled.

  3. Next, enable the prompt_migration_resolve_vulnerability feature flag in the GDK.

  4. Clear the cache to ensure a new request to the AIGW Rails.cache.clear

  5. Test Resolve Vulnerability for the same CWE you tested previously while tailing the AI Gateway logs.

    1. The path of the request in the logs should be path=/v1/prompts/resolve_vulnerability if the prompt_migration_resolve_vulnerability feature flag is enabled.
Edited by Darby Frey

Merge request reports