diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-09-26 15:10:48 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-09-26 15:10:48 +0300 |
commit | cd5179ede2020b45b4de70a10fb09cfcfe85c3df (patch) | |
tree | 57e78abcff2613b8915228bf1a01c8db0aa3caee /doc/architecture | |
parent | 576bba90f9b4b4fdd604871805469f57c147e07c (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/architecture')
-rw-r--r-- | doc/architecture/blueprints/ai_gateway/img/architecture.png | bin | 142929 -> 242553 bytes | |||
-rw-r--r-- | doc/architecture/blueprints/ai_gateway/index.md | 20 |
2 files changed, 12 insertions, 8 deletions
diff --git a/doc/architecture/blueprints/ai_gateway/img/architecture.png b/doc/architecture/blueprints/ai_gateway/img/architecture.png Binary files differindex e63b4ba45d1..89e7263c30d 100644 --- a/doc/architecture/blueprints/ai_gateway/img/architecture.png +++ b/doc/architecture/blueprints/ai_gateway/img/architecture.png diff --git a/doc/architecture/blueprints/ai_gateway/index.md b/doc/architecture/blueprints/ai_gateway/index.md index 08cd8b691d4..8c5a13d2e76 100644 --- a/doc/architecture/blueprints/ai_gateway/index.md +++ b/doc/architecture/blueprints/ai_gateway/index.md @@ -32,7 +32,7 @@ translate the content of the redirected request where needed. ![architecture diagram](img/architecture.png) -[src of the architecture diagram](https://docs.google.com/drawings/d/1PYl5Q5oWHnQAuxM-Jcw0C3eYoGw8a9w8atFpoLhhEas/edit) +[Diagram source](https://docs.google.com/drawings/d/1PYl5Q5oWHnQAuxM-Jcw0C3eYoGw8a9w8atFpoLhhEas/edit) By using a hosted service under the control of GitLab we can ensure that we provide all GitLab instances with AI features in a scalable @@ -385,15 +385,19 @@ different. ## Authentication & Authorization -GitLab will provide the first layer of authorization: It authenticate -the user and check if the license allows using the feature the user is -trying to use. This can be done using the authentication and license +GitLab provides the first layer of authorization: It authenticates +the user and checks if the license allows using the feature the user is +trying to use. This can be done using the authentication, policy and license checks that are already built into GitLab. -Authenticating the GitLab-instance on the AI-gateway will be discussed -in[#177](https://gitlab.com/gitlab-org/modelops/applied-ml/code-suggestions/ai-assist/-/issues/177). -Because the AI-gateway exposes proxied endpoints to AI providers, it -is important that the authentication tokens have limited validity. +Authenticating the GitLab-instance on the AI-gateway was discussed +in: + +- [Issue 177](https://gitlab.com/gitlab-org/modelops/applied-ml/code-suggestions/ai-assist/-/issues/177) +- [Epic 10808](https://gitlab.com/groups/gitlab-org/-/epics/10808) + +The specific mechanism by which trust is delegated between end-users, GitLab instances, +and the AI-gateway is covered in the [AI gateway access token validation documentation](../../../development/cloud_connector/code_suggestions_for_sm.md#ai-gateway-access-token-validation). ## Embeddings |