Link composite identity when assigning service account users to MRs or issues

Keeyan Nejadrequested to merge
583306-assigning-service-account-to-issues-and-mrs-for-ai-catalog-flows-fails into master

What does this MR do and why?

When checking abilities for composite identities we always return false if the composite identity is not linked.

This causes issues when assigning a service account user to an issue or merge request, or when setting it as a reviewer.

In these cases we should link the identity before checking the privileges of the user.

References

Screenshots or screen recordings

Before After

How to set up and validate locally

Example yaml 
version: "v1"
environment: ambient
components:
   - name: "my_agent" 
     type: AgentComponent
     prompt_id: "my_local_prompt"
     inputs:
       - from: "context:goal"
         as: goal
       - from: "context:project_id"
         as: project_id
     toolset: ["update_merge_request", "update_issue", "get_issue", "get_merge_request"]
prompts:
    - prompt_id: "my_local_prompt"
      name: "Code Analysis Assistant"
      unit_primitives: []
      prompt_template:
          system: |
            You are a fan of cats.
            Whenever assigned to a merge request, assigned to an issue, set as the reviewer for an issue, or if you are mentioned, you will update the description to include a few cat facts.
            Use the update_merge_request or update_issue command to update the description. Do not remove existing content, only append the cat facts.
          user: |
            Your goal is: {{goal}}
            You are enabled in project {{project_id}}
      params:
          timeout: 180
routers:
   - from: "my_agent"
     to: "end"
flow:
   entry_point: "my_agent"
  • Go to http://gdk.test:8080/explore/ai-catalog/flows/ and enable the flow in the gitlab-duo group
  • Go back to http://gdk.test:8080/gitlab-duo/test/-/automate/flows and click "Enable flow from group" and enable the flow you created
  • Assign the flows service account (ai-{flow name}-{group name}) to an issue and confirm a flow starts (a comment should be posted)
  • Confirm the same for merge requests by assigning it to a merge request
  • Confirm the same for reviewer by setting it as a reviewer of a merge request

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #583306 (closed)

Edited by Keeyan Nejad

Merge request reports