feat: authorize v1/chat/* endpoints with unit primitives
What does this merge request do and why?
This MR implements Duo Chat v1 endpoints with the auth layer matching the existing Duo Chat tools as described in gitlab-org/gitlab#456703 (closed).
Relates to gitlab-org/gitlab!156387 (closed).
Closes gitlab-org/gitlab#456703 (closed).
Existing Duo Chat tools: https://gitlab.com/gitlab-org/gitlab/-/blob/017c2584725e80dccd797c4bf8126888fb50c487/ee/lib/gitlab/llm/completions/chat.rb#L23-23
How to set up and validate locally
- Create the JWT either manually via jwt.io (don't forget to update
AIGW_SELF_SIGNED_JWT__SIGNING_KEY
andAIGW_SELF_SIGNED_JWT__VALIDATION_KEY
with the appropriate keys) or following the official doc.
Eg, JWT payload:
{
"iss": "gitlab-ai-gateway",
"sub": "777",
"aud": "gitlab-ai-gateway",
"exp": 1718209311,
"nbf": 1718205711,
"iat": 1718205711,
"jti": "fe85272d-0594-4011-b9fb-f5233e4799bd",
"gitlab_realm": "sass",
"scopes": [
"code_suggestions",
"duo_chat"
]
}
- Request one of the available endpoints with the appropriate unit primitive:
v1/chat/agent
v1/chat/explain_code
v1/chat/write_tests
v1/chat/refactor_code
v1/chat/explain_vulnerability
Merge request checklist
-
Tests added for new functionality. If not, please raise an issue to follow up. -
Documentation added/updated, if needed.
Edited by Alexander Chueshev