From 17f176df9d38808c718c8238758cd43748934ecb Mon Sep 17 00:00:00 2001 From: Amanda Rueda <2890431-amandarueda@users.noreply.gitlab.com> Date: Fri, 12 Dec 2025 16:23:47 -0600 Subject: [PATCH 1/2] Removing BYOK docs --- .../agents/external_examples.md | 246 +----------------- 1 file changed, 1 insertion(+), 245 deletions(-) diff --git a/doc/user/duo_agent_platform/agents/external_examples.md b/doc/user/duo_agent_platform/agents/external_examples.md index 3aff7b0c3dba93..841504cc2aa9de 100644 --- a/doc/user/duo_agent_platform/agents/external_examples.md +++ b/doc/user/duo_agent_platform/agents/external_examples.md @@ -153,248 +153,4 @@ commands: variables: - GITLAB_TOKEN_CODEX - GITLAB_HOST -``` - -## Bring your own keys - -The following integrations require you to bring your own key to authenticate with your model from GitLab. - -### Amazon Q - -Instead of hard-coding your AWS credentials, store them in the AWS Secrets Manager. Then you can reference them in your YAML file. - -1. [Create an IAM user](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html) that does not have console access. -1. Generate an access key pair for programmatic access. -1. In the same AWS account where GitLab Runner is hosted, create a secret in AWS Secrets Manager. Use the following JSON format: - - ```json - { - "q-cli-access-token": {"AWS_ACCESS_KEY_ID": "AKIA...", "AWS_SECRET_ACCESS_KEY": "abc123..."} - } - ``` - - Important: Replace the placeholder values with your actual access key ID and secret access key. - -1. Grant the GitLab Runner IAM role permission to access AWS Secrets Manager. -1. Create a configuration file like the following. - -```yaml -image: node:22-slim -commands: - - echo "Installing glab" - - mkdir --parents ~/.aws/amazonq - - echo $MCP_CONFIG > ~/.aws/amazonq/mcp.json - - export GITLAB_TOKEN=$GITLAB_TOKEN_AMAZON_Q - - apt-get update --quiet && apt-get install --quiet --yes curl wget gpg git unzip && rm --recursive --force /var/lib/apt/lists/* - - curl --silent --show-error --location "https://raw.githubusercontent.com/upciti/wakemeops/main/assets/install_repository" | bash - - apt-get install --yes glab - - echo "Installing Python" - - curl --location --silent --show-error --fail "https://astral.sh/uv/install.sh" | sh - - export PATH="$HOME/.local/bin:$PATH" - - uv python install 3.12 --default - - TEMP_DIR=$(mktemp -d) - - cd "$TEMP_DIR" - - echo "Installing AWS cli" - - curl --proto '=https' --tlsv1.2 --silent --show-error --fail "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" --output "awscliv2.zip" - - unzip -qq awscliv2.zip - - ./aws/install - - echo "Installing jq" - - apt-get install --yes jq - - echo "Installing q client" - - curl --proto '=https' --tlsv1.2 --silent --show-error --fail "https://desktop-release.q.us-east-1.amazonaws.com/latest/q-x86_64-linux.zip" --output "q.zip" - - unzip -qq q.zip - - ./q/install.sh --force --no-confirm - - cd - - - rm -rf "$TEMP_DIR" - - echo "Getting AWS access token" - - | - if SECRET_JSON=$(aws secretsmanager get-secret-value --secret-id "$AWS_SECRET_NAME" --region "$AWS_REGION_NAME" --query SecretString --output text 2>/dev/null); then - export AWS_ACCESS_KEY_ID=$(echo "$SECRET_JSON" | jq -r '."q-cli-access-token" | fromjson | ."AWS_ACCESS_KEY_ID"' ) - export AWS_SECRET_ACCESS_KEY=$(echo "$SECRET_JSON" | jq -r '."q-cli-access-token" | fromjson | ."AWS_SECRET_ACCESS_KEY"') - echo "Success to retrieve secret $AWS_SECRET_NAME" - else - echo "Failed to retrieve secret: $AWS_SECRET_NAME" - exit 1 - fi - - echo "Configuring git" - - git config --global user.email "amazonq@gitlab.com" - - git config --global user.name "AmazonQ Code" - - git remote set-url origin https://gitlab-ci-token:$GITLAB_TOKEN_AMAZON_Q@$GITLAB_HOST/internal-test/q-words-demo.git - - echo "Running q" - - | - AMAZON_Q_SIGV4=1 q chat --trust-all-tools --no-interactive --verbose " - You are an AI assistant helping with GitLab operations. - - Context: $AI_FLOW_CONTEXT - Task: $AI_FLOW_INPUT - Event: $AI_FLOW_EVENT - - Please execute the requested task using the available GitLab tools. - Be thorough in your analysis and provide clear explanations. - - - Use the glab CLI to access data from GitLab. The glab CLI has already been authenticated. You can run the corresponding commands. - - When you complete your work create a new Git branch, if you aren't already working on a feature branch, with the format of 'feature/' and check in/push code. - - When you check in and push code you will need to use the access token stored in GITLAB_TOKEN and the user AmazonQ Code. - Lastly, after pushing the code, if a MR doesn't already exist, create a new MR for the branch and link it to the issue using: - `glab mr create --title "" --description "<desc>" --source-branch <branch> --target-branch <branch>` - - If you are asked to summarize a merge request or issue, or asked to provide more information then please post back a note to the merge request / issue so that the user can see it. - - </important> - " -variables: - - GITLAB_TOKEN_AMAZON_Q - - GITLAB_HOST - - AWS_SECRET_NAME - - AWS_REGION_NAME - - MCP_CONFIG -``` - -### Google Gemini CLI - -```yaml -image: node:22-slim -commands: - - echo "Installing glab" - - export GITLAB_TOKEN=$GITLAB_TOKEN_GEMINI - - apt-get update --quiet && apt-get install --yes curl wget gpg git unzip && rm --recursive --force /var/lib/apt/lists/* - - curl --silent --show-error --location "https://raw.githubusercontent.com/upciti/wakemeops/main/assets/install_repository" | bash - - apt-get install --yes glab - - echo "Installing gemini client" - - npm install --global @google/gemini-cli - - echo $GOOGLE_CREDENTIALS > /root/credentials.json - - echo "Configuring git" - - git config --global user.email "gemini@gitlab.com" - - git config --global user.name "Gemini" - - echo "Running gemini" - - | - GOOGLE_GENAI_USE_VERTEXAI=true GOOGLE_APPLICATION_CREDENTIALS=/root/credentials.json gemini --yolo --debug --prompt " - You are an AI assistant helping with GitLab operations. - - Context: $AI_FLOW_CONTEXT - Task: $AI_FLOW_INPUT - Event: $AI_FLOW_EVENT - - Please execute the requested task using the available GitLab tools. - Be thorough in your analysis and provide clear explanations. - - <important> - Use the glab CLI to access data from GitLab. The glab CLI has already been authenticated. You can run the corresponding commands. - - When you complete your work create a new Git branch, if you aren't already working on a feature branch, with the format of 'feature/<short description of feature>' and check in/push code. - - When you check in and push code you will need to use the access token stored in GITLAB_TOKEN and the user Gemini. - Lastly, after pushing the code, if a merge request doesn't already exist, create a new merge request for the branch and link it to the issue using: - `glab mr create --title "<title>" --description "<desc>" --source-branch <branch> --target-branch <branch>` - - If you are asked to summarize a merge request or issue, or asked to provide more information then please post back a note to the merge request / issue so that the user can see it. - - </important> - " -variables: - - GITLAB_TOKEN_GEMINI - - GITLAB_HOST - - GOOGLE_CREDENTIALS - - GOOGLE_CLOUD_PROJECT - - GOOGLE_CLOUD_LOCATION -``` - -### Opencode - -```yaml -image: node:22-slim -commands: - - echo "Installing opencode" - - npm install --global opencode-ai - - echo "Installing glab" - - export GITLAB_TOKEN=$GITLAB_TOKEN_OPENCODE - - apt-get update --quiet && apt-get install --yes curl wget gpg git && rm --recursive --force /var/lib/apt/lists/* - - curl --silent --show-error --location "https://raw.githubusercontent.com/upciti/wakemeops/main/assets/install_repository" | bash - - apt-get install --yes glab - - echo "Configuring glab" - - echo $GITLAB_HOST - - echo "Creating opencode auth configuration" - - echo "Configuring git" - - git config --global user.email "opencode@gitlab.com" - - git config --global user.name "Opencode" - - echo "Testing glab" - - glab issue list - - echo "Running Opencode" - - | - opencode run " - You are an AI assistant helping with GitLab operations. - - Context: $AI_FLOW_CONTEXT - Task: $AI_FLOW_INPUT - Event: $AI_FLOW_EVENT - - Please execute the requested task using the available GitLab tools. - Be thorough in your analysis and provide clear explanations. - - <important> - Use the glab CLI to access data from GitLab. The glab CLI has already been authenticated. You can run the corresponding commands. - - When you complete your work create a new Git branch, if you aren't already working on a feature branch, with the format of 'feature/<short description of feature>' and check in/push code. - - When you check in and push code, you will need to use the access token stored in GITLAB_TOKEN and the user Opencode. - Lastly, after pushing the code, if a merge request doesn't already exist, create a new merge request for the branch and link it to the issue using: - `glab mr create --title "<title>" --description "<desc>" --source-branch <branch> --target-branch <branch>` - - If you are asked to summarize a merge request or issue, or asked to provide more information then please post back a note to the merge request / issue so that the user can see it. - - </important> - " -variables: - - ANTHROPIC_API_KEY - - GITLAB_TOKEN_OPENCODE - - GITLAB_HOST -``` - -### Cursor CLI - -```yaml -image: node:22-slim -commands: - - echo "Installing Cursor" - - apt-get update --quiet && apt-get install --yes curl wget gnupg2 gpg git && rm --recursive --force /var/lib/apt/lists/* - - curl --silent --show-error --location "https://cursor.com/install" | bash - - echo "Installing glab" - - export GITLAB_TOKEN=$GITLAB_TOKEN_CURSOR - - curl --silent --show-error --location "https://raw.githubusercontent.com/upciti/wakemeops/main/assets/install_repository" | bash - - apt-get install --yes glab - - echo "Configuring Git" - - git config --global user.email "cursor@gitlab.com" - - git config --global user.name "Cursor" - - echo "Running Cursor" - - | - $HOME/.local/bin/cursor-agent -p --force --output-format stream-json "--prompt " - You are an AI assistant helping with GitLab operations. - - Context: $AI_FLOW_CONTEXT - Task: $AI_FLOW_INPUT - Event: $AI_FLOW_EVENT - - Please execute the requested task using the available GitLab tools. - Be thorough in your analysis and provide clear explanations. - - <important> - Use the glab CLI to access data from GitLab. The glab CLI has already been authenticated. You can run the corresponding commands. - - When you complete your work create a new Git branch, if you aren't already working on a feature branch, with the format of 'feature/<short description of feature>' and check in/push code. - - When you check in and push code you will need to use the access token stored in GITLAB_TOKEN and the user Cursor. - Lastly, after pushing the code, if a merge request doesn't already exist, create a new merge request for the branch and link it to the issue using: - `glab mr create --title "<title>" --description "<desc>" --source-branch <branch> --target-branch <branch>` - - If you are asked to summarize a merge request or issue, or asked to provide more information then please post back a note to the merge request / issue so that the user can see it. - - </important> - " -variables: - - GITLAB_TOKEN_CURSOR - - GITLAB_HOST - - CURSOR_API_KEY -``` +``` \ No newline at end of file -- GitLab From 164a196c0063ade3e6cc8a7e3f25a482341cd51f Mon Sep 17 00:00:00 2001 From: Phillip Wells <pwells@gitlab.com> Date: Mon, 15 Dec 2025 16:39:14 -0700 Subject: [PATCH 2/2] Add EOF newline --- doc/user/duo_agent_platform/agents/external_examples.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/user/duo_agent_platform/agents/external_examples.md b/doc/user/duo_agent_platform/agents/external_examples.md index 841504cc2aa9de..0eef431badb8a1 100644 --- a/doc/user/duo_agent_platform/agents/external_examples.md +++ b/doc/user/duo_agent_platform/agents/external_examples.md @@ -153,4 +153,4 @@ commands: variables: - GITLAB_TOKEN_CODEX - GITLAB_HOST -``` \ No newline at end of file +``` -- GitLab