Skip to content

Code suggestions third party group settings API and token

Alper Akgun requested to merge aa-api-for-third_party_ai_features_enabled into master

What does this MR do and why?

Code suggestions third party group settings API and token

  • Empowers group admins to decide on third party AI API access
  • Makes the legacy ml/ai-assist API return user's third party AI service setting
  • Makes the new JWT token to wrap and return user's third party AI service setting

Related https://gitlab.com/gitlab-org/modelops/applied-ml/code-suggestions/ai-assist/-/issues/143

Screenshots or screen recordings

We now use the toggle for Third party AI Services, independent of the AI Experimental features.

Before After
image image

How to set up and validate locally

  1. In rails console enable all related feature flags
Feature.enable(:openai_experimentation)
Feature.enable(:ai_assist_ui)
Feature.enable(:ai_assist_flag)
Feature.enable(:ai_related_settings)
Feature.enable(:ai_assist_api)
  1. Call the legacy ML/AI assist API and get the result
curl http://gdk.test:3000/api/v4/ml/ai-assist --header "Authorization: Bearer <oauth/pat>" 

Result

{
  "user_is_allowed": true,
  "third_party_ai_features_enabled": true
}
  1. Call the other token API
curl --request POST "http://gdk.test:3000/api/v4/code_suggestions/tokens"  --header "Authorization: Bearer <oauth/pat>"  --header "Content-type: application/json"
  1. The decoded JWT token will look like the following
{
  "jti": "427a2ee4-225f-4fe8-9f9a-3cdc6ecf6782",
  "aud": "gitlab-code-suggestions",
  "iss": "http://gdk.test:3000",
  "iat": 1686225596,
  "nbf": 1686225591,
  "exp": 1686229196,
  "third_party_ai_features_enabled": false
}

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Tan Le

Merge request reports

Loading