Fix Self Hosted Duo features
What does this MR do and why?
A significant underlying issue was identified during troubleshooting of Self-Hosted beta features in this issue.
All Self-Hosted features currently in beta don't work properly in self-hosted environments due to permission check issues. This affects both air-gapped and online instances. The problem occurs because:
- The system doesn't correctly use
self_hosted_modelsas the service name during permission checks - Features like
/includecommand and "Explain Vulnerability" don't appear or function properly - For some features like
/troubleshoot, permission checks were okay, but the request was being made to AI Gateway with the wrong token, and hence the requests were failing. Only ifservice_nameis set to:self_hosted_modelswill the right access token be used for requests made to the AIGW.
Since these changes are risky, and are being made in the last day of 18.0, we are merging the changes behind the feature flag named self_hosted_duo_beta_features. Self Hosted customers, using 18.0, will have to enable this feature flag for Self Hosted Duo Beta features to work.
References
Screenshots or screen recordings
| Before | After |
|---|---|
How to set up and validate locally
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.