Store duo_chat IJWT on SM instance
What does this MR do and why?
Store the access token we receive from CDot.
On SaaS: no changes are expected at all (the code path is not executed).
On SM instances: the change is no-op until CustomersDot sends the token (protected by FF on the CustomersDot side).
How to set up and validate locally
-
Make sure CustomersDot is set up locally and connected to GDK as described in: https://gitlab.com/gitlab-org/customers-gitlab-com/-/merge_requests/8265
-
Use https://gitlab.com/gitlab-org/customers-gitlab-com/-/merge_requests/8265 for local CDot instance until it's merged.
-
Enable or hack Cdot FF in
app/services/gitlab/add_on_purchases/duo_chat_tokens_service.rb
: https://gitlab.com/gitlab-org/customers-gitlab-com/-/merge_requests/8265/diffs#19c778726dc2e16211f393fd63590a786027a8d3_0_15:
diff --git a/app/services/gitlab/add_on_purchases/duo_chat_tokens_service.rb b/app/services/gitlab/add_on_purchases/duo_chat_tokens_service.rb
index 604b9c867..2dd240193 100644
--- a/app/services/gitlab/add_on_purchases/duo_chat_tokens_service.rb
+++ b/app/services/gitlab/add_on_purchases/duo_chat_tokens_service.rb
@@ -12,6 +12,7 @@ def initialize(license)
private
def issue_token?
+ return true
Unleash.enabled?(:create_duo_chat_token)
end
(in case of latter, restart the CDot)
-
Make sure you have Ultimate license on your GDK (obtained via local CDot)
-
Do the manual license sync:
-
Open rails console.
-
You should be able to see
duo_chat
tokens saved into GitLab DB:
[18] pry(main)> Ai::ServiceAccessToken.active.duo_chat
Ai::ServiceAccessToken Load (1.6ms) SELECT "service_access_tokens".* FROM "service_access_tokens" WHERE (expires_at > '2023-09-19 13:46:49.343845') AND "service_access_tokens"."category" = 2 /*application:console,db_config_name:main,console_hostname:Alekseis-MBP-2.home,console_username:al,line:bin/rails:4:in `<main>'*/
=> [#<Ai::ServiceAccessToken:0x0000000169d3ea68
id: 7,
created_at: Tue, 19 Sep 2023 12:42:13.984615000 UTC +00:00,
updated_at: Tue, 19 Sep 2023 12:42:13.984615000 UTC +00:00,
category: "duo_chat",
encrypted_token: "[FILTERED]",
encrypted_token_iv: "\xDD\xC0\xA8\xC9\xC2\xAC\x0F\xB6\xB0\xD6\xBE\xD0",
expires_at: Fri, 22 Sep 2023 12:42:13.000000000 UTC +00:00,
token: nil>]
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #425046 (closed)