## Overview This issue tracks the creation of an Architecture Decision Record (ADR) to document the approach for automating GitLab license provisioning with the GitLab Duo Enterprise add-on in the GitLab Development Kit (GDK). The ADR addresses a critical bottleneck in the AI development workflow: team members currently require manual intervention from the Fulfillment team to obtain GitLab Duo Enterprise add-ons, creating delays of several hours and reducing developer productivity. ## Problem Statement **Current State:** - Developing GitLab AI features requires a GitLab subscription with an Ultimate license and the GitLab Duo Enterprise add-on - The GitLab Duo Enterprise add-on can only be provisioned through a manual process requiring Fulfillment team intervention - This manual process creates a significant bottleneck, with provisioning requests taking several hours to complete - There is no self-service provisioning flow available in CustomersDot (GitLab's customer portal) **Impact:** - **Developer Productivity:** Team members experience delays waiting for add-on provisioning, blocking their ability to set up environments and start work - **Review Quality:** High friction discourages reviewers from testing AI features locally, leading to reliance on code review alone and increased likelihood of missed defects - **Team Load:** The Fulfillment team bears operational burden of processing individual add-on requests, creating inefficiency for both requesters and provisioners ## Solution Approach The ADR proposes an automated, self-service solution that integrates license provisioning into the GDK setup process: - **Automated Provisioning:** GDK automatically provisions GitLab subscriptions with Ultimate licenses and GitLab Duo Enterprise add-ons during setup - **Secure Authentication:** Team members authenticate through GitLab staging to staging CustomersDot using personal access tokens - **Local License Storage:** Licenses are stored encrypted locally in the `gdk.yml` file for use in the local instance - **Flexible Configuration:** Support for different combinations of products and seat counts via `gdk.yml` configuration - **Multi-Scenario Support:** Handles fresh GDK installations, existing GDK instances, and cells infrastructure deployments ## Key Deliverables The ADR includes: - **System Capabilities Overview:** Detailed specifications for infrastructure, SDKs, security, development workflow, testing, deployment, rollout management, observability, and governance - **Design & Implementation Details:** Step-by-step flows for fresh installs, existing instances, and cells-enabled deployments - **Authentication Strategy:** Secure proxy-based authentication through GitLab staging to CustomersDot - **Configuration Schema:** YAML-based configuration for license provisioning settings - **Alternative Solutions:** Evaluation of shared subscription approach and future CustomersDot purchase flow integration ## Related Issues & MRs - **ADR Merge Request:** [gitlab-com/content-sites/handbook!16646](https://gitlab.com/gitlab-com/content-sites/handbook/-/merge_requests/16646) - GitLab Duo enterprise self provisioning ADR - **Related Issue:** [gitlab-development-kit#2133](https://gitlab.com/gitlab-org/gitlab-development-kit/-/issues/2133) - GDK license provisioning discussion - **Fulfillment Meta:** [gitlab-org/fulfillment/meta#2499 (closed)](https://gitlab.com/gitlab-org/fulfillment/meta/-/issues/2499) - Authentication process details ## Success Criteria - [x] ADR document created and reviewed - [x] Design decisions documented with rationale - [x] Implementation approach defined for all deployment scenarios - [x] Security and authentication aspects validated ## Impacted Categories The following categories relate to this issue: - [ ] ~&quot;gdk-reliability&quot; - e.g. When a GDK action fails to complete. - [x] ~&quot;gdk-usability&quot; - e.g. Improvements or suggestions around how the GDK functions. - [ ] ~&quot;gdk-performance&quot; - e.g. When a GDK action is slow or times out. ## Status <!--STATUS NOTE START--> <!--STATUS NOTE END-->