Onboard dot com instance to Duo Workflow settings
What does this MR do and why?
The goal of this MR is to onboard the .com instance to setup composite identity for Duo Workflow. The intention is that this runs once to complete the onboarding.
The code is designed to continue workload creation even if the Duo Workflow setup fails, with plans to improve this in a future update.
To de-risk, this feature is controlled by a new feature flag called "ai_duo_workflow_composite_identity_onboarding" which is disabled by default.
References
Screenshots or screen recordings
| Before | After |
|---|---|
How to set up and validate locally
- Setup GDK to work with Duo Workflow https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/duo_workflow.md
- Open rails console
rails console - Enable the feature flag for this MR
Feature.enable(:ai_duo_workflow_composite_identity_onboarding)- Verify that DuoWorkflow is not available:
::Ai::DuoWorkflow.available? # should be false
Ai::Setting.instance.duo_workflow_service_account_user_id # should be nil- Start a Workflow (probably easiest via cURL)
curl -H "Private-Token: glpat-<redacted>-" -XPOST 'http://127.0.0.1:3000/api/v4/ai/duo_workflows/workflows?project_id=1000000&start_workflow=true&goal=Create+a+hello+world'- In the rails console verify that Duo Workflow is available:
::Ai::DuoWorkflow.available? # should be true
Ai::Setting.instance.duo_workflow_service_account_user_id # should be an integerMR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Related to #534842 (closed)
Edited by Fred de Gier