Authorize Work Item mutations for ai_workflows scope
What does this MR do and why?
This MR adds support for the ai_workflows scope to WorkItem create and update mutations, allowing Duo Workflow to perform these operations through the GraphQL API.
References
Screenshots or screen recordings
| Before | After |
|---|---|
How to set up and validate locally
- In the rails console of the GDK, create a new OAuth access token with
ai_workflowsscope.
[1] pry(main)> application = Doorkeeper::Application.create!(
name: "AI Workflows App",
redirect_uri: "urn:ietf:wg:oauth:2.0:oob",
scopes: "ai_workflows",
owner: User.find_by_username("root")
)
=> #<Doorkeeper::Application:0x00000003301b4d50
[2] pry(main)> Doorkeeper::AccessToken.create!(
application_id: application.id,
resource_owner_id: application.owner.id,
scopes: "ai_workflows",
expires_in: 1.year.to_i,
organization_id: Namespace.first.id
).plaintext_token
...
=> "dd147d4714347252e84e845a4080f9af375b6c7cebafa83f0a91c991ed064e71"- Send a request with the new token to a relevant endpoint - update your query with your token.
curl -X POST http://127.0.0.1:3000/api/graphql \
-H "Authorization: Bearer dd147d4714347252e84e845a4080f9af375b6c7cebafa83f0a91c991ed064e71" \
-H "Content-Type: application/json" \
--data '{
"query": "mutation CreateWorkItemEpic { workItemCreate(input: { title: \"New work item\", namespacePath: \"gitlab-org\", workItemTypeId: \"gid://gitlab/WorkItems::Type/8\" }) { workItem { id title } } }"
}' | jqResponse should include requested WorkItem details and notes:
{
"data": {
"workItemCreate": {
"workItem": {
"id": "gid://gitlab/WorkItem/706",
"title": "New work item"
}
}
}
}- Update the work item - update the query with your work item ID:
curl -X POST http://127.0.0.1:3000/api/graphql \
-H "Authorization: Bearer dd147d4714347252e84e845a4080f9af375b6c7cebafa83f0a91c991ed064e71" \
-H "Content-Type: application/json" \
--data '{
"query": "mutation UpdateWorkItem { workItemUpdate(input: { id: \"gid://gitlab/WorkItem/706\", title: \"Updated work item title\" }) { workItem { id title } } }"
}' | jqResponse:
{
"data": {
"workItemUpdate": {
"workItem": {
"id": "gid://gitlab/WorkItem/706",
"title": "Updated work item title"
}
}
}
}- Create a note for work item:
curl -X POST "http://127.0.0.1:3000/api/graphql" \
-H "Authorization: Bearer dd147d4714347252e84e845a4080f9af375b6c7cebafa83f0a91c991ed064e71" \
-H "Content-Type: application/json" \
--data '{"query": "mutation CreateNote { createNote(input: { noteableId: \"gid://gitlab/WorkItem/703\", body: \"This is a test note from the API\" }) { note { id body author { username } } } }"}' | jqResponse:
{
"data": {
"createNote": {
"note": {
"id": "gid://gitlab/Note/2622",
"body": "This is a test note from the API",
"author": {
"username": "root"
}
}
}
}
}- Update the note:
curl -X POST "http://127.0.0.1:3000/api/graphql" \
-H "Authorization: Bearer dd147d4714347252e84e845a4080f9af375b6c7cebafa83f0a91c991ed064e71" \
-H "Content-Type: application/json" \
--data '{"query": "mutation UpdateNote { updateNote(input: { id: \"gid://gitlab/Note/2256\", body: \"This is an updated note from the API\" }) { note { id body author { username } } } }"}' | jqResponse:
{
"data": {
"updateNote": {
"note": {
"id": "gid://gitlab/Note/2256",
"body": "This is an updated note from the API",
"author": {
"username": "root"
}
}
}
}
}MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Related to gitlab-org/modelops/applied-ml/code-suggestions/ai-assist#1264 (closed)
Edited by Eva Kadlecová