## Problem When a user requests a review from `@GitLabDuo`, the engine is determined by licensing: if the user has a Duo Enterprise seat, they always get GitLab Duo Code Review (non-DAP), even if DAP is configured and GitLab Duo Code Review Flow is explicitly enabled. The only override today is removing the user's Duo Enterprise seat. This means customers who have set up DAP and enabled Code Review Flow are silently routed to GitLab Duo Code Review. The better experience is unreachable for anyone with a Duo Enterprise seat. --- ## Proposal Invert the routing priority. The GitLab Duo Code Review Flow toggle becomes the authoritative signal for which engine runs, not the presence of a Duo Enterprise license. ### Routing logic | GitLab Duo Code Review Flow | Duo Enterprise | Result | |-----------------------------|----------------|--------| | Enabled + consented | Yes | **Code Review Flow (DAP)** (changed) | | Enabled + consented | No | Code Review Flow (DAP) (unchanged) | | Enabled, no consent | Yes | GitLab Duo Code Review (transitional state for existing groups) | | Disabled | Yes | GitLab Duo Code Review (unchanged) | | Disabled | No | No review (unchanged) | If GitLab Duo Code Review Flow is enabled, Code Review Flow runs. Duo Enterprise status no longer affects routing. Customers who want to stay on GitLab Duo Code Review keep the flow disabled. Because foundational flows are toggled individually at the group settings level (Settings \> GitLab Duo \> Change configuration), disabling GitLab Duo Code Review Flow does not affect any other foundational flow. --- ## User experience ### New groups enabling GitLab Duo Code Review Flow When a group Owner or Administrator enables GitLab Duo Code Review Flow, a confirmation modal appears before the setting is saved: **Modal: "Enable GitLab Duo Code Review Flow?"** > Enabling this will route all Duo Code Reviews in this namespace through the Duo Agent Platform (DAP) instead of GitLab Duo Code Review. > > **What changes:** > > - Reviews will run as Code Review Flow, consuming GitLab Credits ($0.25/review). > - GitLab Duo Code Review will no longer run for this namespace, regardless of seat assignments. > > **To revert:** Uncheck GitLab Duo Code Review Flow in these settings at any time. > > \[Cancel\] \[**Enable Code Review Flow**\] On confirm, the setting is saved and Code Review Flow routing becomes active. Helper text appears below the checkbox: > _"Code Review Flow is active for all users in this namespace. Duo Enterprise seat assignments do not affect which review engine runs."_ ### Existing groups with both Duo Enterprise and GitLab Duo Code Review Flow already enabled These groups have the flow enabled but are silently routed to GitLab Duo Code Review today. They should not be automatically switched to Code Review Flow without explicit acknowledgment. The proposed approach is to require a toggle off and back on, which puts them through the same confirmation modal. The helper text is the indicator that consent has been given: groups that haven't re-confirmed will see the flow enabled but no helper text, and will remain on GitLab Duo Code Review until they do. ### When a Code Review Flow run fails Follow the existing Code Review Flow error state. No new error handling required. --- ## Release Notes If your group has GitLab Duo Code Review Flow enabled, your reviews now run through DAP regardless of whether members hold a Duo Enterprise seat — the flow toggle is the authoritative signal for which engine runs, not licensing. If you'd rather stay on the previous Code Review engine, just leave the flow toggle disabled.