From 8bbe821606a382c2164d9f6679ed8701058712eb Mon Sep 17 00:00:00 2001
From: Sylvain Bauza <sbauza@free.fr>
Date: Thu, 26 Mar 2026 11:20:10 +0100
Subject: [PATCH 1/6] feat: add Gerrit integration connector for code review
 workflows

Add a complete Gerrit integration across backend, frontend, and runner
components, following the existing integration patterns (Jira, GitLab).

Backend (Go):
- Gerrit credential CRUD handlers (connect, status, disconnect, list)
- Validation against Gerrit /a/accounts/self endpoint
- K8s Secret storage with compound key (instanceName.userID)
- Session-scoped credential endpoint for runner consumption
- Integration status reporting
- Unit tests for auth handler input validation

Frontend (TypeScript/React):
- Connection card with HTTP basic / gitcookies auth toggle
- Multi-instance management with individual disconnect
- React Query hooks with proper cache invalidation
- Next.js API proxy routes for all Gerrit endpoints
- Session integrations panel entry

Runner (Python):
- Gerrit credential fetching from backend API
- Runtime config generation (gerrit_config.json + gitcookies file)
- MCP server entry in .mcp.json using Python 3.12 venv
- Dockerfile changes for Python 3.12 + Gerrit MCP server build
- Credential cleanup on session end

Documentation:
- Gerrit integration guide (docs/internal/integrations/)
- Updated integrations README with Gerrit section
- OpenAPI contract spec
- Design specs and implementation plan

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 components/backend/handlers/gerrit_auth.go    | 388 +++++++++++++++
 .../backend/handlers/gerrit_auth_test.go      | 416 ++++++++++++++++
 .../handlers/integration_validation.go        | 116 +++++
 .../backend/handlers/integrations_status.go   |  28 ++
 .../backend/handlers/runtime_credentials.go   |  49 ++
 components/backend/routes.go                  |  11 +-
 .../gerrit/[instanceName]/disconnect/route.ts |  18 +
 .../gerrit/[instanceName]/status/route.ts     |  18 +
 .../src/app/api/auth/gerrit/connect/route.ts  |  16 +
 .../app/api/auth/gerrit/instances/route.ts    |  14 +
 .../src/app/api/auth/gerrit/test/route.ts     |  16 +
 .../app/integrations/IntegrationsClient.tsx   |   5 +
 .../settings/integrations-panel.tsx           |  10 +
 .../src/components/gerrit-connection-card.tsx | 341 +++++++++++++
 .../frontend/src/services/api/gerrit-auth.ts  |  63 +++
 .../frontend/src/services/api/integrations.ts |   9 +
 .../src/services/queries/use-gerrit.ts        |  43 ++
 components/runners/ambient-runner/.mcp.json   |   8 +
 components/runners/ambient-runner/Dockerfile  |  25 +
 .../ambient_runner/bridges/claude/mcp.py      | 109 ++++-
 .../ambient_runner/platform/auth.py           |  85 +++-
 docs/internal/integrations/README.md          |  18 +
 .../integrations/gerrit-integration.md        | 456 ++++++++++++++++++
 .../checklists/requirements.md                |  37 ++
 .../contracts/frontend-types.ts               |  48 ++
 .../contracts/gerrit-api.yaml                 | 266 ++++++++++
 specs/001-gerrit-integration/data-model.md    | 107 ++++
 specs/001-gerrit-integration/plan.md          | 140 ++++++
 specs/001-gerrit-integration/quickstart.md    |  94 ++++
 specs/001-gerrit-integration/research.md      | 136 ++++++
 specs/001-gerrit-integration/spec.md          | 138 ++++++
 specs/001-gerrit-integration/tasks.md         | 218 +++++++++
 32 files changed, 3431 insertions(+), 15 deletions(-)
 create mode 100644 components/backend/handlers/gerrit_auth.go
 create mode 100644 components/backend/handlers/gerrit_auth_test.go
 mode change 100755 => 100644 components/backend/handlers/runtime_credentials.go
 create mode 100644 components/frontend/src/app/api/auth/gerrit/[instanceName]/disconnect/route.ts
 create mode 100644 components/frontend/src/app/api/auth/gerrit/[instanceName]/status/route.ts
 create mode 100644 components/frontend/src/app/api/auth/gerrit/connect/route.ts
 create mode 100644 components/frontend/src/app/api/auth/gerrit/instances/route.ts
 create mode 100644 components/frontend/src/app/api/auth/gerrit/test/route.ts
 create mode 100644 components/frontend/src/components/gerrit-connection-card.tsx
 create mode 100644 components/frontend/src/services/api/gerrit-auth.ts
 create mode 100644 components/frontend/src/services/queries/use-gerrit.ts
 mode change 100755 => 100644 components/runners/ambient-runner/ambient_runner/platform/auth.py
 create mode 100644 docs/internal/integrations/gerrit-integration.md
 create mode 100644 specs/001-gerrit-integration/checklists/requirements.md
 create mode 100644 specs/001-gerrit-integration/contracts/frontend-types.ts
 create mode 100644 specs/001-gerrit-integration/contracts/gerrit-api.yaml
 create mode 100644 specs/001-gerrit-integration/data-model.md
 create mode 100644 specs/001-gerrit-integration/plan.md
 create mode 100644 specs/001-gerrit-integration/quickstart.md
 create mode 100644 specs/001-gerrit-integration/research.md
 create mode 100644 specs/001-gerrit-integration/spec.md
 create mode 100644 specs/001-gerrit-integration/tasks.md

diff --git a/components/backend/handlers/gerrit_auth.go b/components/backend/handlers/gerrit_auth.go
new file mode 100644
index 000000000..6874917e9
--- /dev/null
+++ b/components/backend/handlers/gerrit_auth.go
@@ -0,0 +1,388 @@
+package handlers
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"log"
+	"net/http"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// GerritCredentials represents cluster-level Gerrit credentials for a user instance
+type GerritCredentials struct {
+	UserID            string    `json:"userId"`
+	InstanceName      string    `json:"instanceName"`                // User-assigned name (e.g., "openstack")
+	URL               string    `json:"url"`                         // Gerrit instance base URL
+	AuthMethod        string    `json:"authMethod"`                  // "http_basic" or "git_cookies"
+	Username          string    `json:"username,omitempty"`          // For http_basic
+	HTTPToken         string    `json:"httpToken,omitempty"`         // For http_basic
+	GitcookiesContent string    `json:"gitcookiesContent,omitempty"` // For git_cookies
+	UpdatedAt         time.Time `json:"updatedAt"`
+}
+
+const gerritSecretName = "gerrit-credentials"
+
+var validInstanceNameRegex = regexp.MustCompile(`^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$`)
+
+// gerritSecretKey returns the K8s secret data key for a Gerrit instance
+func gerritSecretKey(instanceName, userID string) string {
+	return instanceName + "." + userID
+}
+
+// ConnectGerrit handles POST /api/auth/gerrit/connect
+// Validates and stores Gerrit credentials for a user instance
+func ConnectGerrit(c *gin.Context) {
+	reqK8s, _ := GetK8sClientsForRequest(c)
+	if reqK8s == nil {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid or missing token"})
+		return
+	}
+
+	userID := c.GetString("userID")
+	if userID == "" {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "User authentication required"})
+		return
+	}
+	if !isValidUserID(userID) {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid user identifier"})
+		return
+	}
+
+	var req struct {
+		InstanceName      string `json:"instanceName" binding:"required"`
+		URL               string `json:"url" binding:"required"`
+		AuthMethod        string `json:"authMethod" binding:"required"`
+		Username          string `json:"username"`
+		HTTPToken         string `json:"httpToken"`
+		GitcookiesContent string `json:"gitcookiesContent"`
+	}
+
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	// Validate instance name format
+	if !validInstanceNameRegex.MatchString(req.InstanceName) {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Instance name must be lowercase alphanumeric with hyphens (2-63 chars)"})
+		return
+	}
+
+	// Validate auth method and required fields
+	switch req.AuthMethod {
+	case "http_basic":
+		if req.Username == "" || req.HTTPToken == "" {
+			c.JSON(http.StatusBadRequest, gin.H{"error": "Username and HTTP token are required for HTTP basic auth"})
+			return
+		}
+	case "git_cookies":
+		if req.GitcookiesContent == "" {
+			c.JSON(http.StatusBadRequest, gin.H{"error": "Gitcookies content is required for git_cookies auth"})
+			return
+		}
+	default:
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Auth method must be 'http_basic' or 'git_cookies'"})
+		return
+	}
+
+	// Validate credentials against the Gerrit instance
+	valid, err := ValidateGerritToken(c.Request.Context(), req.URL, req.AuthMethod, req.Username, req.HTTPToken, req.GitcookiesContent)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("Validation failed: %s", err.Error())})
+		return
+	}
+	if !valid {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid Gerrit credentials"})
+		return
+	}
+
+	creds := &GerritCredentials{
+		UserID:            userID,
+		InstanceName:      req.InstanceName,
+		URL:               req.URL,
+		AuthMethod:        req.AuthMethod,
+		Username:          req.Username,
+		HTTPToken:         req.HTTPToken,
+		GitcookiesContent: req.GitcookiesContent,
+		UpdatedAt:         time.Now(),
+	}
+
+	if err := storeGerritCredentials(c.Request.Context(), creds); err != nil {
+		log.Printf("Failed to store Gerrit credentials for user %s instance %s: %v", userID, req.InstanceName, err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to save Gerrit credentials"})
+		return
+	}
+
+	log.Printf("✓ Stored Gerrit credentials for user %s instance %s", userID, req.InstanceName)
+	c.JSON(http.StatusOK, gin.H{
+		"message":      fmt.Sprintf("Gerrit instance '%s' connected successfully", req.InstanceName),
+		"instanceName": req.InstanceName,
+		"url":          req.URL,
+		"authMethod":   req.AuthMethod,
+	})
+}
+
+// GetGerritStatus handles GET /api/auth/gerrit/:instanceName/status
+func GetGerritStatus(c *gin.Context) {
+	reqK8s, _ := GetK8sClientsForRequest(c)
+	if reqK8s == nil {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid or missing token"})
+		return
+	}
+
+	userID := c.GetString("userID")
+	if userID == "" {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "User authentication required"})
+		return
+	}
+
+	instanceName := c.Param("instanceName")
+	if instanceName == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Instance name is required"})
+		return
+	}
+
+	creds, err := getGerritCredentials(c.Request.Context(), instanceName, userID)
+	if err != nil {
+		if errors.IsNotFound(err) {
+			c.JSON(http.StatusOK, gin.H{"connected": false})
+			return
+		}
+		log.Printf("Failed to get Gerrit credentials for user %s instance %s: %v", userID, instanceName, err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to check Gerrit status"})
+		return
+	}
+
+	if creds == nil {
+		c.JSON(http.StatusOK, gin.H{"connected": false})
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{
+		"connected":    true,
+		"instanceName": creds.InstanceName,
+		"url":          creds.URL,
+		"authMethod":   creds.AuthMethod,
+		"updatedAt":    creds.UpdatedAt.Format(time.RFC3339),
+	})
+}
+
+// DisconnectGerrit handles DELETE /api/auth/gerrit/:instanceName/disconnect
+func DisconnectGerrit(c *gin.Context) {
+	reqK8s, _ := GetK8sClientsForRequest(c)
+	if reqK8s == nil {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid or missing token"})
+		return
+	}
+
+	userID := c.GetString("userID")
+	if userID == "" {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "User authentication required"})
+		return
+	}
+
+	instanceName := c.Param("instanceName")
+	if instanceName == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Instance name is required"})
+		return
+	}
+
+	if err := deleteGerritCredentials(c.Request.Context(), instanceName, userID); err != nil {
+		log.Printf("Failed to delete Gerrit credentials for user %s instance %s: %v", userID, instanceName, err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to disconnect Gerrit"})
+		return
+	}
+
+	log.Printf("✓ Deleted Gerrit credentials for user %s instance %s", userID, instanceName)
+	c.JSON(http.StatusOK, gin.H{"message": fmt.Sprintf("Gerrit instance '%s' disconnected successfully", instanceName)})
+}
+
+// ListGerritInstances handles GET /api/auth/gerrit/instances
+// Returns all connected Gerrit instances for the authenticated user
+func ListGerritInstances(c *gin.Context) {
+	reqK8s, _ := GetK8sClientsForRequest(c)
+	if reqK8s == nil {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid or missing token"})
+		return
+	}
+
+	userID := c.GetString("userID")
+	if userID == "" {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "User authentication required"})
+		return
+	}
+
+	instances, err := listGerritCredentials(c.Request.Context(), userID)
+	if err != nil {
+		log.Printf("Failed to list Gerrit instances for user %s: %v", userID, err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to list Gerrit instances"})
+		return
+	}
+
+	result := make([]gin.H, 0, len(instances))
+	for _, creds := range instances {
+		result = append(result, gin.H{
+			"connected":    true,
+			"instanceName": creds.InstanceName,
+			"url":          creds.URL,
+			"authMethod":   creds.AuthMethod,
+			"updatedAt":    creds.UpdatedAt.Format(time.RFC3339),
+		})
+	}
+
+	c.JSON(http.StatusOK, gin.H{"instances": result})
+}
+
+// storeGerritCredentials stores Gerrit credentials in cluster-level Secret
+func storeGerritCredentials(ctx context.Context, creds *GerritCredentials) error {
+	if creds == nil || creds.UserID == "" || creds.InstanceName == "" {
+		return fmt.Errorf("invalid credentials payload")
+	}
+
+	key := gerritSecretKey(creds.InstanceName, creds.UserID)
+
+	for i := 0; i < 3; i++ { // retry on conflict
+		secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, gerritSecretName, v1.GetOptions{})
+		if err != nil {
+			if errors.IsNotFound(err) {
+				secret = &corev1.Secret{
+					ObjectMeta: v1.ObjectMeta{
+						Name:      gerritSecretName,
+						Namespace: Namespace,
+						Labels: map[string]string{
+							"app":                      "ambient-code",
+							"ambient-code.io/provider": "gerrit",
+						},
+					},
+					Type: corev1.SecretTypeOpaque,
+					Data: map[string][]byte{},
+				}
+				if _, cerr := K8sClient.CoreV1().Secrets(Namespace).Create(ctx, secret, v1.CreateOptions{}); cerr != nil && !errors.IsAlreadyExists(cerr) {
+					return fmt.Errorf("failed to create Secret: %w", cerr)
+				}
+				secret, err = K8sClient.CoreV1().Secrets(Namespace).Get(ctx, gerritSecretName, v1.GetOptions{})
+				if err != nil {
+					return fmt.Errorf("failed to fetch Secret after create: %w", err)
+				}
+			} else {
+				return fmt.Errorf("failed to get Secret: %w", err)
+			}
+		}
+
+		if secret.Data == nil {
+			secret.Data = map[string][]byte{}
+		}
+
+		b, err := json.Marshal(creds)
+		if err != nil {
+			return fmt.Errorf("failed to marshal credentials: %w", err)
+		}
+		secret.Data[key] = b
+
+		if _, uerr := K8sClient.CoreV1().Secrets(Namespace).Update(ctx, secret, v1.UpdateOptions{}); uerr != nil {
+			if errors.IsConflict(uerr) {
+				continue
+			}
+			return fmt.Errorf("failed to update Secret: %w", uerr)
+		}
+		return nil
+	}
+	return fmt.Errorf("failed to update Secret after retries")
+}
+
+// getGerritCredentials retrieves Gerrit credentials for a specific instance and user
+func getGerritCredentials(ctx context.Context, instanceName, userID string) (*GerritCredentials, error) {
+	if userID == "" || instanceName == "" {
+		return nil, fmt.Errorf("userID and instanceName are required")
+	}
+
+	secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, gerritSecretName, v1.GetOptions{})
+	if err != nil {
+		return nil, err
+	}
+
+	key := gerritSecretKey(instanceName, userID)
+	if secret.Data == nil || len(secret.Data[key]) == 0 {
+		return nil, nil
+	}
+
+	var creds GerritCredentials
+	if err := json.Unmarshal(secret.Data[key], &creds); err != nil {
+		return nil, fmt.Errorf("failed to parse credentials: %w", err)
+	}
+
+	return &creds, nil
+}
+
+// listGerritCredentials returns all Gerrit instances for a user
+func listGerritCredentials(ctx context.Context, userID string) ([]*GerritCredentials, error) {
+	if userID == "" {
+		return nil, fmt.Errorf("userID is required")
+	}
+
+	secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, gerritSecretName, v1.GetOptions{})
+	if err != nil {
+		if errors.IsNotFound(err) {
+			return nil, nil
+		}
+		return nil, err
+	}
+
+	suffix := "." + userID
+	var result []*GerritCredentials
+	for key, val := range secret.Data {
+		if strings.HasSuffix(key, suffix) {
+			var creds GerritCredentials
+			if err := json.Unmarshal(val, &creds); err != nil {
+				log.Printf("Failed to parse Gerrit credentials for key %s: %v", key, err)
+				continue
+			}
+			result = append(result, &creds)
+		}
+	}
+
+	return result, nil
+}
+
+// deleteGerritCredentials removes Gerrit credentials for a specific instance and user
+func deleteGerritCredentials(ctx context.Context, instanceName, userID string) error {
+	if userID == "" || instanceName == "" {
+		return fmt.Errorf("userID and instanceName are required")
+	}
+
+	key := gerritSecretKey(instanceName, userID)
+
+	for i := 0; i < 3; i++ { // retry on conflict
+		secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, gerritSecretName, v1.GetOptions{})
+		if err != nil {
+			if errors.IsNotFound(err) {
+				return nil
+			}
+			return fmt.Errorf("failed to get Secret: %w", err)
+		}
+
+		if secret.Data == nil || len(secret.Data[key]) == 0 {
+			return nil
+		}
+
+		delete(secret.Data, key)
+
+		if _, uerr := K8sClient.CoreV1().Secrets(Namespace).Update(ctx, secret, v1.UpdateOptions{}); uerr != nil {
+			if errors.IsConflict(uerr) {
+				continue
+			}
+			return fmt.Errorf("failed to update Secret: %w", uerr)
+		}
+		return nil
+	}
+	return fmt.Errorf("failed to update Secret after retries")
+}
+
diff --git a/components/backend/handlers/gerrit_auth_test.go b/components/backend/handlers/gerrit_auth_test.go
new file mode 100644
index 000000000..c91811ef7
--- /dev/null
+++ b/components/backend/handlers/gerrit_auth_test.go
@@ -0,0 +1,416 @@
+//go:build test
+
+package handlers
+
+import (
+	"ambient-code-backend/tests/config"
+	test_constants "ambient-code-backend/tests/constants"
+	"context"
+	"net/http"
+
+	"ambient-code-backend/tests/logger"
+	"ambient-code-backend/tests/test_utils"
+
+	"github.com/gin-gonic/gin"
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_constants.LabelHandlers, "gerrit-auth"), func() {
+	var (
+		httpUtils         *test_utils.HTTPTestUtils
+		k8sUtils          *test_utils.K8sTestUtils
+		originalNamespace string
+		testToken         string
+	)
+
+	BeforeEach(func() {
+		logger.Log("Setting up Gerrit Auth Handler test")
+
+		originalNamespace = Namespace
+
+		// Use centralized handler dependencies setup
+		k8sUtils = test_utils.NewK8sTestUtils(false, *config.TestNamespace)
+		SetupHandlerDependencies(k8sUtils)
+
+		// gerrit_auth.go uses Namespace (backend namespace) for secret operations
+		Namespace = *config.TestNamespace
+
+		httpUtils = test_utils.NewHTTPTestUtils()
+
+		// Create namespace + role and mint a valid test token for this suite
+		ctx := context.Background()
+		_, err := k8sUtils.K8sClient.CoreV1().Namespaces().Create(ctx, &corev1.Namespace{
+			ObjectMeta: metav1.ObjectMeta{Name: *config.TestNamespace},
+		}, metav1.CreateOptions{})
+		if err != nil && !errors.IsAlreadyExists(err) {
+			Expect(err).NotTo(HaveOccurred())
+		}
+		_, err = k8sUtils.CreateTestRole(ctx, *config.TestNamespace, "test-full-access-role", []string{"get", "list", "create", "update", "delete", "patch"}, "*", "")
+		Expect(err).NotTo(HaveOccurred())
+
+		token, _, err := httpUtils.SetValidTestToken(
+			k8sUtils,
+			*config.TestNamespace,
+			[]string{"get", "list", "create", "update", "delete", "patch"},
+			"*",
+			"",
+			"test-full-access-role",
+		)
+		Expect(err).NotTo(HaveOccurred())
+		testToken = token
+	})
+
+	AfterEach(func() {
+		Namespace = originalNamespace
+
+		// Clean up created namespace (best-effort)
+		if k8sUtils != nil {
+			_ = k8sUtils.K8sClient.CoreV1().Namespaces().Delete(context.Background(), *config.TestNamespace, metav1.DeleteOptions{})
+		}
+	})
+
+	Context("ConnectGerrit", func() {
+		It("Should require authentication", func() {
+			requestBody := map[string]interface{}{
+				"instanceName": "my-gerrit",
+				"url":          "https://review.opendev.org",
+				"authMethod":   "http_basic",
+				"username":     "testuser",
+				"httpToken":    "secret-token",
+			}
+
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			// Don't set auth header
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
+			httpUtils.AssertErrorMessage("Invalid or missing token")
+		})
+
+		It("Should require user authentication", func() {
+			requestBody := map[string]interface{}{
+				"instanceName": "my-gerrit",
+				"url":          "https://review.opendev.org",
+				"authMethod":   "http_basic",
+				"username":     "testuser",
+				"httpToken":    "secret-token",
+			}
+
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			// Don't set user context
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
+			httpUtils.AssertJSONContains(map[string]interface{}{
+				"error": "Invalid or missing token",
+			})
+		})
+
+		It("Should require valid JSON body", func() {
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", "invalid-json")
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+		})
+
+		It("Should require instanceName field", func() {
+			requestBody := map[string]interface{}{
+				"url":        "https://review.opendev.org",
+				"authMethod": "http_basic",
+				"username":   "testuser",
+				"httpToken":  "secret-token",
+			}
+
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+		})
+
+		It("Should require url field", func() {
+			requestBody := map[string]interface{}{
+				"instanceName": "my-gerrit",
+				"authMethod":   "http_basic",
+				"username":     "testuser",
+				"httpToken":    "secret-token",
+			}
+
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+		})
+
+		It("Should require authMethod field", func() {
+			requestBody := map[string]interface{}{
+				"instanceName": "my-gerrit",
+				"url":          "https://review.opendev.org",
+				"username":     "testuser",
+				"httpToken":    "secret-token",
+			}
+
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+		})
+
+		It("Should reject invalid instance names", func() {
+			invalidNames := []string{
+				"a",        // too short (single char)
+				"INVALID",  // uppercase
+				"my@name",  // special characters
+			}
+
+			for _, name := range invalidNames {
+				requestBody := map[string]interface{}{
+					"instanceName": name,
+					"url":          "https://review.opendev.org",
+					"authMethod":   "http_basic",
+					"username":     "testuser",
+					"httpToken":    "secret-token",
+				}
+
+				context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+				httpUtils.SetAuthHeader(testToken)
+				httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+				ConnectGerrit(context)
+
+				httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+				httpUtils.AssertErrorMessage("Instance name must be lowercase alphanumeric with hyphens (2-63 chars)")
+
+				// Reset for next test
+				httpUtils = test_utils.NewHTTPTestUtils()
+			}
+		})
+
+		It("Should accept valid instance names", func() {
+			validNames := []string{
+				"my-gerrit",
+				"openstack",
+				"review-01",
+				"a1",
+			}
+
+			for _, name := range validNames {
+				requestBody := map[string]interface{}{
+					"instanceName": name,
+					"url":          "https://review.opendev.org",
+					"authMethod":   "http_basic",
+					"username":     "testuser",
+					"httpToken":    "secret-token",
+				}
+
+				context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+				httpUtils.SetAuthHeader(testToken)
+				httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+				ConnectGerrit(context)
+
+				// Should not fail at instance name validation stage
+				status := httpUtils.GetResponseRecorder().Code
+				Expect(status).NotTo(Equal(http.StatusBadRequest), "Should accept valid instance name: "+name)
+
+				// Reset for next test
+				httpUtils = test_utils.NewHTTPTestUtils()
+			}
+		})
+
+		It("Should reject invalid auth method", func() {
+			requestBody := map[string]interface{}{
+				"instanceName": "my-gerrit",
+				"url":          "https://review.opendev.org",
+				"authMethod":   "oauth2",
+				"username":     "testuser",
+				"httpToken":    "secret-token",
+			}
+
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+			httpUtils.AssertErrorMessage("Auth method must be 'http_basic' or 'git_cookies'")
+		})
+
+		It("Should require username and httpToken for http_basic", func() {
+			// Missing both username and httpToken
+			requestBody := map[string]interface{}{
+				"instanceName": "my-gerrit",
+				"url":          "https://review.opendev.org",
+				"authMethod":   "http_basic",
+			}
+
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+			httpUtils.AssertErrorMessage("Username and HTTP token are required for HTTP basic auth")
+		})
+
+		It("Should require username for http_basic when only httpToken provided", func() {
+			requestBody := map[string]interface{}{
+				"instanceName": "my-gerrit",
+				"url":          "https://review.opendev.org",
+				"authMethod":   "http_basic",
+				"httpToken":    "secret-token",
+			}
+
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+			httpUtils.AssertErrorMessage("Username and HTTP token are required for HTTP basic auth")
+		})
+
+		It("Should require httpToken for http_basic when only username provided", func() {
+			requestBody := map[string]interface{}{
+				"instanceName": "my-gerrit",
+				"url":          "https://review.opendev.org",
+				"authMethod":   "http_basic",
+				"username":     "testuser",
+			}
+
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+			httpUtils.AssertErrorMessage("Username and HTTP token are required for HTTP basic auth")
+		})
+
+		It("Should require gitcookiesContent for git_cookies", func() {
+			requestBody := map[string]interface{}{
+				"instanceName": "my-gerrit",
+				"url":          "https://review.opendev.org",
+				"authMethod":   "git_cookies",
+			}
+
+			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ConnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+			httpUtils.AssertErrorMessage("Gitcookies content is required for git_cookies auth")
+		})
+	})
+
+	Context("GetGerritStatus", func() {
+		It("Should require authentication", func() {
+			context := httpUtils.CreateTestGinContext("GET", "/auth/gerrit/openstack/status", nil)
+			context.Params = gin.Params{
+				gin.Param{Key: "instanceName", Value: "openstack"},
+			}
+			// Don't set auth header
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			GetGerritStatus(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
+			httpUtils.AssertErrorMessage("Invalid or missing token")
+		})
+
+		It("Should require user authentication", func() {
+			context := httpUtils.CreateTestGinContext("GET", "/auth/gerrit/openstack/status", nil)
+			context.Params = gin.Params{
+				gin.Param{Key: "instanceName", Value: "openstack"},
+			}
+			// Don't set user context
+
+			GetGerritStatus(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
+			httpUtils.AssertJSONContains(map[string]interface{}{
+				"error": "Invalid or missing token",
+			})
+		})
+	})
+
+	Context("DisconnectGerrit", func() {
+		It("Should require authentication", func() {
+			context := httpUtils.CreateTestGinContext("DELETE", "/auth/gerrit/openstack/disconnect", nil)
+			context.Params = gin.Params{
+				gin.Param{Key: "instanceName", Value: "openstack"},
+			}
+			// Don't set auth header
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			DisconnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
+			httpUtils.AssertErrorMessage("Invalid or missing token")
+		})
+
+		It("Should require user authentication", func() {
+			context := httpUtils.CreateTestGinContext("DELETE", "/auth/gerrit/openstack/disconnect", nil)
+			context.Params = gin.Params{
+				gin.Param{Key: "instanceName", Value: "openstack"},
+			}
+			// Don't set user context
+
+			DisconnectGerrit(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
+			httpUtils.AssertJSONContains(map[string]interface{}{
+				"error": "Invalid or missing token",
+			})
+		})
+	})
+
+	Context("ListGerritInstances", func() {
+		It("Should require authentication", func() {
+			context := httpUtils.CreateTestGinContext("GET", "/auth/gerrit/instances", nil)
+			// Don't set auth header
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			ListGerritInstances(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
+			httpUtils.AssertErrorMessage("Invalid or missing token")
+		})
+
+		It("Should require user authentication", func() {
+			context := httpUtils.CreateTestGinContext("GET", "/auth/gerrit/instances", nil)
+			// Don't set user context
+
+			ListGerritInstances(context)
+
+			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
+			httpUtils.AssertJSONContains(map[string]interface{}{
+				"error": "Invalid or missing token",
+			})
+		})
+	})
+})
diff --git a/components/backend/handlers/integration_validation.go b/components/backend/handlers/integration_validation.go
index 7b034e75e..28fdeba9c 100644
--- a/components/backend/handlers/integration_validation.go
+++ b/components/backend/handlers/integration_validation.go
@@ -4,6 +4,8 @@ import (
 	"context"
 	"fmt"
 	"net/http"
+	"net/url"
+	"strings"
 	"time"
 
 	"github.com/gin-gonic/gin"
@@ -143,6 +145,120 @@ func ValidateGoogleToken(ctx context.Context, accessToken string) (bool, error)
 	return resp.StatusCode == http.StatusOK, nil
 }
 
+// ValidateGerritToken checks if Gerrit credentials are valid
+// Uses /a/accounts/self endpoint which accepts Basic Auth or Cookie-based auth
+// Gerrit REST API responses are prefixed with )]}'  (XSSI protection)
+func ValidateGerritToken(ctx context.Context, gerritURL, authMethod, username, httpToken, gitcookiesContent string) (bool, error) {
+	if gerritURL == "" {
+		return false, fmt.Errorf("Gerrit URL is required")
+	}
+
+	client := &http.Client{Timeout: 15 * time.Second}
+	apiURL := fmt.Sprintf("%s/a/accounts/self", gerritURL)
+
+	req, err := http.NewRequestWithContext(ctx, "GET", apiURL, nil)
+	if err != nil {
+		return false, fmt.Errorf("failed to create request")
+	}
+	req.Header.Set("Accept", "application/json")
+
+	switch authMethod {
+	case "http_basic":
+		if username == "" || httpToken == "" {
+			return false, fmt.Errorf("username and HTTP token are required for HTTP basic auth")
+		}
+		req.SetBasicAuth(username, httpToken)
+
+	case "git_cookies":
+		if gitcookiesContent == "" {
+			return false, fmt.Errorf("gitcookies content is required")
+		}
+		// Parse gitcookies content to extract cookie for the target host
+		cookie := parseGitcookies(gerritURL, gitcookiesContent)
+		if cookie == "" {
+			return false, fmt.Errorf("no matching cookie found for host in gitcookies content")
+		}
+		req.Header.Set("Cookie", cookie)
+
+	default:
+		return false, fmt.Errorf("unsupported auth method: %s", authMethod)
+	}
+
+	resp, err := client.Do(req)
+	if err != nil {
+		// Don't wrap error - could leak credentials from request details
+		return false, fmt.Errorf("request failed")
+	}
+	defer resp.Body.Close()
+
+	// 200 = valid, 401/403 = invalid
+	if resp.StatusCode == http.StatusOK {
+		return true, nil
+	}
+	if resp.StatusCode == http.StatusUnauthorized || resp.StatusCode == http.StatusForbidden {
+		return false, nil
+	}
+
+	// Other status codes - can't validate, assume valid to avoid false negatives
+	return true, nil
+}
+
+// parseGitcookies extracts the cookie value for a given Gerrit URL from gitcookies content.
+// Gitcookies format: host\tFALSE\t/\tTRUE\t2147483647\to\tvalue
+func parseGitcookies(gerritURL, content string) string {
+	parsed, err := url.Parse(gerritURL)
+	if err != nil {
+		return ""
+	}
+	host := parsed.Hostname()
+
+	lines := strings.Split(content, "\n")
+	for _, line := range lines {
+		line = strings.TrimSpace(line)
+		if line == "" || strings.HasPrefix(line, "#") {
+			continue
+		}
+		fields := strings.Split(line, "\t")
+		if len(fields) >= 7 {
+			cookieHost := strings.TrimPrefix(fields[0], ".")
+			if cookieHost == host || strings.HasSuffix(host, "."+cookieHost) {
+				return fields[5] + "=" + fields[6]
+			}
+		}
+	}
+	return ""
+}
+
+// TestGerritConnection handles POST /api/auth/gerrit/test
+// Tests Gerrit credentials without saving them
+func TestGerritConnection(c *gin.Context) {
+	var req struct {
+		URL               string `json:"url" binding:"required"`
+		AuthMethod        string `json:"authMethod" binding:"required"`
+		Username          string `json:"username"`
+		HTTPToken         string `json:"httpToken"`
+		GitcookiesContent string `json:"gitcookiesContent"`
+	}
+
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	valid, err := ValidateGerritToken(c.Request.Context(), req.URL, req.AuthMethod, req.Username, req.HTTPToken, req.GitcookiesContent)
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{"valid": false, "error": err.Error()})
+		return
+	}
+
+	if !valid {
+		c.JSON(http.StatusOK, gin.H{"valid": false, "error": "Invalid credentials"})
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{"valid": true, "message": "Gerrit connection successful"})
+}
+
 // TestJiraConnection handles POST /api/auth/jira/test
 // Tests Jira credentials without saving them
 func TestJiraConnection(c *gin.Context) {
diff --git a/components/backend/handlers/integrations_status.go b/components/backend/handlers/integrations_status.go
index 36e992c59..f12558500 100644
--- a/components/backend/handlers/integrations_status.go
+++ b/components/backend/handlers/integrations_status.go
@@ -39,6 +39,9 @@ func GetIntegrationsStatus(c *gin.Context) {
 	// GitLab status
 	response["gitlab"] = getGitLabStatusForUser(ctx, userID)
 
+	// Gerrit status
+	response["gerrit"] = getGerritStatusForUser(ctx, userID)
+
 	// MCP server credentials status
 	response["mcpServers"] = getMCPServerStatusForUser(ctx, userID)
 
@@ -47,6 +50,7 @@ func GetIntegrationsStatus(c *gin.Context) {
 
 // Helper functions to get individual integration statuses
 
+// getGitHubStatusForUser returns the GitHub integration status (App + PAT) for a user.
 func getGitHubStatusForUser(ctx context.Context, userID string) gin.H {
 	log.Printf("getGitHubStatusForUser: querying status for user=%s", userID)
 	status := gin.H{
@@ -90,6 +94,7 @@ func getGitHubStatusForUser(ctx context.Context, userID string) gin.H {
 	return status
 }
 
+// getGoogleStatusForUser returns the Google OAuth integration status for a user.
 func getGoogleStatusForUser(ctx context.Context, userID string) gin.H {
 	creds, err := GetGoogleCredentials(ctx, userID)
 	if err != nil || creds == nil {
@@ -108,6 +113,7 @@ func getGoogleStatusForUser(ctx context.Context, userID string) gin.H {
 	}
 }
 
+// getJiraStatusForUser returns the Jira integration status for a user.
 func getJiraStatusForUser(ctx context.Context, userID string) gin.H {
 	creds, err := GetJiraCredentials(ctx, userID)
 	if err != nil || creds == nil {
@@ -128,6 +134,28 @@ func getJiraStatusForUser(ctx context.Context, userID string) gin.H {
 	}
 }
 
+// getGerritStatusForUser returns the Gerrit integration status with all connected instances for a user.
+func getGerritStatusForUser(ctx context.Context, userID string) gin.H {
+	instances, err := listGerritCredentials(ctx, userID)
+	if err != nil || len(instances) == 0 {
+		return gin.H{"instances": []gin.H{}}
+	}
+
+	result := make([]gin.H, 0, len(instances))
+	for _, creds := range instances {
+		result = append(result, gin.H{
+			"connected":    true,
+			"instanceName": creds.InstanceName,
+			"url":          creds.URL,
+			"authMethod":   creds.AuthMethod,
+			"updatedAt":    creds.UpdatedAt.Format("2006-01-02T15:04:05Z07:00"),
+		})
+	}
+
+	return gin.H{"instances": result}
+}
+
+// getGitLabStatusForUser returns the GitLab integration status for a user.
 func getGitLabStatusForUser(ctx context.Context, userID string) gin.H {
 	creds, err := GetGitLabCredentials(ctx, userID)
 	if err != nil || creds == nil {
diff --git a/components/backend/handlers/runtime_credentials.go b/components/backend/handlers/runtime_credentials.go
old mode 100755
new mode 100644
index 6cf4ea460..6c0298752
--- a/components/backend/handlers/runtime_credentials.go
+++ b/components/backend/handlers/runtime_credentials.go
@@ -481,6 +481,55 @@ func fetchGitHubUserIdentity(ctx context.Context, token string) (userName, email
 	return userName, email
 }
 
+// GetGerritCredentialsForSession handles GET /api/projects/:project/agentic-sessions/:session/credentials/gerrit
+// Returns all Gerrit instances' credentials for the session's user
+func GetGerritCredentialsForSession(c *gin.Context) {
+	project := c.Param("projectName")
+	session := c.Param("sessionName")
+
+	reqK8s, reqDyn := GetK8sClientsForRequest(c)
+	if reqK8s == nil {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "Invalid or missing token"})
+		return
+	}
+
+	effectiveUserID, ok := enforceCredentialRBAC(c, reqK8s, reqDyn, project, session)
+	if !ok {
+		return
+	}
+
+	// Get all Gerrit instances for the user
+	instances, err := listGerritCredentials(c.Request.Context(), effectiveUserID)
+	if err != nil {
+		log.Printf("Failed to get Gerrit credentials for user %s: %v", effectiveUserID, err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to get Gerrit credentials"})
+		return
+	}
+
+	if len(instances) == 0 {
+		c.JSON(http.StatusNotFound, gin.H{"error": "Gerrit credentials not configured"})
+		return
+	}
+
+	result := make([]gin.H, 0, len(instances))
+	for _, creds := range instances {
+		instance := gin.H{
+			"instanceName": creds.InstanceName,
+			"url":          creds.URL,
+			"authMethod":   creds.AuthMethod,
+		}
+		if creds.AuthMethod == "http_basic" {
+			instance["username"] = creds.Username
+			instance["httpToken"] = creds.HTTPToken
+		} else if creds.AuthMethod == "git_cookies" {
+			instance["gitcookiesContent"] = creds.GitcookiesContent
+		}
+		result = append(result, instance)
+	}
+
+	c.JSON(http.StatusOK, gin.H{"instances": result})
+}
+
 // fetchGitLabUserIdentity fetches user name and email from GitLab API
 // Returns the user's name and email for git config
 func fetchGitLabUserIdentity(ctx context.Context, token, instanceURL string) (userName, email string) {
diff --git a/components/backend/routes.go b/components/backend/routes.go
index 0cd298ea9..6b2daeb12 100644
--- a/components/backend/routes.go
+++ b/components/backend/routes.go
@@ -83,6 +83,7 @@ func registerRoutes(r *gin.Engine) {
 			projectGroup.GET("/agentic-sessions/:sessionName/credentials/google", handlers.GetGoogleCredentialsForSession)
 			projectGroup.GET("/agentic-sessions/:sessionName/credentials/jira", handlers.GetJiraCredentialsForSession)
 			projectGroup.GET("/agentic-sessions/:sessionName/credentials/gitlab", handlers.GetGitLabTokenForSession)
+			projectGroup.GET("/agentic-sessions/:sessionName/credentials/gerrit", handlers.GetGerritCredentialsForSession)
 			projectGroup.GET("/agentic-sessions/:sessionName/credentials/mcp/:serverName", handlers.GetMCPCredentialsForSession)
 
 			// Session export
@@ -159,6 +160,13 @@ func registerRoutes(r *gin.Engine) {
 		api.DELETE("/auth/gitlab/disconnect", handlers.DisconnectGitLabGlobal)
 		api.POST("/auth/gitlab/test", handlers.TestGitLabConnection)
 
+		// Cluster-level Gerrit (user-scoped, multi-instance)
+		api.POST("/auth/gerrit/connect", handlers.ConnectGerrit)
+		api.POST("/auth/gerrit/test", handlers.TestGerritConnection)
+		api.GET("/auth/gerrit/instances", handlers.ListGerritInstances)
+		api.GET("/auth/gerrit/:instanceName/status", handlers.GetGerritStatus)
+		api.DELETE("/auth/gerrit/:instanceName/disconnect", handlers.DisconnectGerrit)
+
 		// Generic MCP server credentials (user-scoped)
 		api.POST("/auth/mcp/:serverName/connect", handlers.ConnectMCPServer)
 		api.GET("/auth/mcp/:serverName/status", handlers.GetMCPServerStatus)
@@ -167,9 +175,6 @@ func registerRoutes(r *gin.Engine) {
 		// Cluster info endpoint (public, no auth required)
 		api.GET("/cluster-info", handlers.GetClusterInfo)
 
-		// Version endpoint (public, no auth required)
-		api.GET("/version", handlers.GetVersion)
-
 		// LDAP search endpoints (cluster-scoped, auth-required)
 		api.GET("/ldap/users", handlers.SearchLDAPUsers)
 		api.GET("/ldap/users/:uid", handlers.GetLDAPUser)
diff --git a/components/frontend/src/app/api/auth/gerrit/[instanceName]/disconnect/route.ts b/components/frontend/src/app/api/auth/gerrit/[instanceName]/disconnect/route.ts
new file mode 100644
index 000000000..687b643a5
--- /dev/null
+++ b/components/frontend/src/app/api/auth/gerrit/[instanceName]/disconnect/route.ts
@@ -0,0 +1,18 @@
+import { BACKEND_URL } from '@/lib/config'
+import { buildForwardHeadersAsync } from '@/lib/auth'
+
+export async function DELETE(
+  request: Request,
+  { params }: { params: Promise<{ instanceName: string }> }
+) {
+  const { instanceName } = await params
+  const headers = await buildForwardHeadersAsync(request)
+
+  const resp = await fetch(`${BACKEND_URL}/auth/gerrit/${instanceName}/disconnect`, {
+    method: 'DELETE',
+    headers,
+  })
+
+  const data = await resp.text()
+  return new Response(data, { status: resp.status, headers: { 'Content-Type': 'application/json' } })
+}
diff --git a/components/frontend/src/app/api/auth/gerrit/[instanceName]/status/route.ts b/components/frontend/src/app/api/auth/gerrit/[instanceName]/status/route.ts
new file mode 100644
index 000000000..9cf1ca129
--- /dev/null
+++ b/components/frontend/src/app/api/auth/gerrit/[instanceName]/status/route.ts
@@ -0,0 +1,18 @@
+import { BACKEND_URL } from '@/lib/config'
+import { buildForwardHeadersAsync } from '@/lib/auth'
+
+export async function GET(
+  request: Request,
+  { params }: { params: Promise<{ instanceName: string }> }
+) {
+  const { instanceName } = await params
+  const headers = await buildForwardHeadersAsync(request)
+
+  const resp = await fetch(`${BACKEND_URL}/auth/gerrit/${instanceName}/status`, {
+    method: 'GET',
+    headers,
+  })
+
+  const data = await resp.text()
+  return new Response(data, { status: resp.status, headers: { 'Content-Type': 'application/json' } })
+}
diff --git a/components/frontend/src/app/api/auth/gerrit/connect/route.ts b/components/frontend/src/app/api/auth/gerrit/connect/route.ts
new file mode 100644
index 000000000..83b8957d7
--- /dev/null
+++ b/components/frontend/src/app/api/auth/gerrit/connect/route.ts
@@ -0,0 +1,16 @@
+import { BACKEND_URL } from '@/lib/config'
+import { buildForwardHeadersAsync } from '@/lib/auth'
+
+export async function POST(request: Request) {
+  const headers = await buildForwardHeadersAsync(request)
+  const body = await request.text()
+
+  const resp = await fetch(`${BACKEND_URL}/auth/gerrit/connect`, {
+    method: 'POST',
+    headers,
+    body,
+  })
+
+  const data = await resp.text()
+  return new Response(data, { status: resp.status, headers: { 'Content-Type': 'application/json' } })
+}
diff --git a/components/frontend/src/app/api/auth/gerrit/instances/route.ts b/components/frontend/src/app/api/auth/gerrit/instances/route.ts
new file mode 100644
index 000000000..928db061d
--- /dev/null
+++ b/components/frontend/src/app/api/auth/gerrit/instances/route.ts
@@ -0,0 +1,14 @@
+import { BACKEND_URL } from '@/lib/config'
+import { buildForwardHeadersAsync } from '@/lib/auth'
+
+export async function GET(request: Request) {
+  const headers = await buildForwardHeadersAsync(request)
+
+  const resp = await fetch(`${BACKEND_URL}/auth/gerrit/instances`, {
+    method: 'GET',
+    headers,
+  })
+
+  const data = await resp.text()
+  return new Response(data, { status: resp.status, headers: { 'Content-Type': 'application/json' } })
+}
diff --git a/components/frontend/src/app/api/auth/gerrit/test/route.ts b/components/frontend/src/app/api/auth/gerrit/test/route.ts
new file mode 100644
index 000000000..b85426a02
--- /dev/null
+++ b/components/frontend/src/app/api/auth/gerrit/test/route.ts
@@ -0,0 +1,16 @@
+import { BACKEND_URL } from '@/lib/config'
+import { buildForwardHeadersAsync } from '@/lib/auth'
+
+export async function POST(request: Request) {
+  const headers = await buildForwardHeadersAsync(request)
+  const body = await request.text()
+
+  const resp = await fetch(`${BACKEND_URL}/auth/gerrit/test`, {
+    method: 'POST',
+    headers,
+    body,
+  })
+
+  const data = await resp.text()
+  return new Response(data, { status: resp.status, headers: { 'Content-Type': 'application/json' } })
+}
diff --git a/components/frontend/src/app/integrations/IntegrationsClient.tsx b/components/frontend/src/app/integrations/IntegrationsClient.tsx
index 47ffc0602..18db9053e 100644
--- a/components/frontend/src/app/integrations/IntegrationsClient.tsx
+++ b/components/frontend/src/app/integrations/IntegrationsClient.tsx
@@ -4,6 +4,7 @@ import { GitHubConnectionCard } from '@/components/github-connection-card'
 import { GoogleDriveConnectionCard } from '@/components/google-drive-connection-card'
 import { GitLabConnectionCard } from '@/components/gitlab-connection-card'
 import { JiraConnectionCard } from '@/components/jira-connection-card'
+import { GerritConnectionCard } from '@/components/gerrit-connection-card'
 import { PageHeader } from '@/components/page-header'
 import { useIntegrationsStatus } from '@/services/queries/use-integrations'
 import { Loader2 } from 'lucide-react'
@@ -53,6 +54,10 @@ export default function IntegrationsClient({ appSlug }: Props) {
                 status={integrations?.jira}
                 onRefresh={refetch}
               />
+              <GerritConnectionCard
+                status={integrations?.gerrit}
+                onRefresh={refetch}
+              />
             </div>
           )}
         </div>
diff --git a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/settings/integrations-panel.tsx b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/settings/integrations-panel.tsx
index 0ce6ae906..1645620e7 100644
--- a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/settings/integrations-panel.tsx
+++ b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/settings/integrations-panel.tsx
@@ -19,6 +19,8 @@ export function IntegrationsPanel() {
   const gitlabConfigured = integrationsStatus?.gitlab?.connected ?? false;
   const jiraConfigured = integrationsStatus?.jira?.connected ?? false;
   const googleConfigured = integrationsStatus?.google?.connected ?? false;
+  const gerritConfigured = (integrationsStatus?.gerrit?.instances?.length ?? 0) > 0;
+  const gerritUrls = integrationsStatus?.gerrit?.instances?.map((i) => i.url).join(", ");
 
   const integrations = [
     {
@@ -48,6 +50,14 @@ export function IntegrationsPanel() {
       configured: jiraConfigured,
       configuredMessage: "Authenticated. Issue and project access enabled.",
     },
+    {
+      key: "gerrit",
+      name: "Gerrit",
+      configured: gerritConfigured,
+      configuredMessage: gerritConfigured
+        ? `Connected to ${gerritUrls}. Code review access enabled.`
+        : "",
+    },
   ].sort((a, b) => a.name.localeCompare(b.name));
 
   const configuredCount = integrations.filter((i) => i.configured).length;
diff --git a/components/frontend/src/components/gerrit-connection-card.tsx b/components/frontend/src/components/gerrit-connection-card.tsx
new file mode 100644
index 000000000..bb7c325ef
--- /dev/null
+++ b/components/frontend/src/components/gerrit-connection-card.tsx
@@ -0,0 +1,341 @@
+'use client'
+
+import React, { useState } from 'react'
+import { Button } from '@/components/ui/button'
+import { Card } from '@/components/ui/card'
+import { Input } from '@/components/ui/input'
+import { Label } from '@/components/ui/label'
+import { Loader2, Eye, EyeOff } from 'lucide-react'
+import { toast } from 'sonner'
+import { useConnectGerrit, useDisconnectGerrit, useTestGerritConnection } from '@/services/queries/use-gerrit'
+import type { GerritAuthMethod } from '@/services/api/gerrit-auth'
+
+type GerritInstanceInfo = {
+  connected: boolean
+  instanceName: string
+  url: string
+  authMethod: 'http_basic' | 'git_cookies'
+  updatedAt: string
+}
+
+type Props = {
+  status?: {
+    instances: GerritInstanceInfo[]
+  }
+  onRefresh?: () => void
+}
+
+/** Card component for managing Gerrit instance connections with multi-instance support. */
+export function GerritConnectionCard({ status, onRefresh }: Props) {
+  const connectMutation = useConnectGerrit()
+  const disconnectMutation = useDisconnectGerrit()
+  const testMutation = useTestGerritConnection()
+  const isLoading = !status
+
+  const [showForm, setShowForm] = useState(false)
+  const [instanceName, setInstanceName] = useState('')
+  const [url, setUrl] = useState('')
+  const [authMethod, setAuthMethod] = useState<GerritAuthMethod>('http_basic')
+  const [username, setUsername] = useState('')
+  const [httpToken, setHttpToken] = useState('')
+  const [gitcookiesContent, setGitcookiesContent] = useState('')
+  const [showToken, setShowToken] = useState(false)
+
+  const instances = status?.instances ?? []
+  const hasInstances = instances.length > 0
+
+  const resetForm = () => {
+    setInstanceName('')
+    setUrl('')
+    setAuthMethod('http_basic')
+    setUsername('')
+    setHttpToken('')
+    setGitcookiesContent('')
+    setShowToken(false)
+    setShowForm(false)
+  }
+
+  const buildRequest = () => ({
+    instanceName,
+    url,
+    authMethod,
+    ...(authMethod === 'http_basic' ? { username, httpToken } : { gitcookiesContent }),
+  })
+
+  const isFormValid = () => {
+    if (!instanceName || instanceName.length < 2 || !url) return false
+    if (authMethod === 'http_basic') return !!username && !!httpToken
+    return !!gitcookiesContent
+  }
+
+  const handleTest = () => {
+    testMutation.mutate(
+      { url, authMethod, ...(authMethod === 'http_basic' ? { username, httpToken } : { gitcookiesContent }) },
+      {
+        onSuccess: (result) => {
+          if (result.valid) {
+            toast.success('Connection test successful')
+          } else {
+            toast.error(result.error || 'Connection test failed')
+          }
+        },
+        onError: (error) => {
+          toast.error(error instanceof Error ? error.message : 'Connection test failed')
+        },
+      }
+    )
+  }
+
+  const handleConnect = () => {
+    connectMutation.mutate(buildRequest(), {
+      onSuccess: () => {
+        toast.success(`Gerrit instance '${instanceName}' connected successfully`)
+        resetForm()
+        onRefresh?.()
+      },
+      onError: (error) => {
+        toast.error(error instanceof Error ? error.message : 'Failed to connect Gerrit')
+      },
+    })
+  }
+
+  const handleDisconnect = (name: string) => {
+    disconnectMutation.mutate(name, {
+      onSuccess: () => {
+        toast.success(`Gerrit instance '${name}' disconnected`)
+        onRefresh?.()
+      },
+      onError: (error) => {
+        toast.error(error instanceof Error ? error.message : 'Failed to disconnect')
+      },
+    })
+  }
+
+  return (
+    <Card className="bg-card border border-border/60 shadow-sm shadow-black/[0.03] dark:shadow-black/[0.15] flex flex-col h-full">
+      <div className="p-6 flex flex-col flex-1">
+        {/* Header */}
+        <div className="flex items-start gap-4 mb-6">
+          <div className="flex-shrink-0 w-16 h-16 bg-primary rounded-lg flex items-center justify-center">
+            <svg className="w-10 h-10 text-white" fill="currentColor" viewBox="0 0 24 24" aria-hidden="true">
+              <path d="M12 2C6.48 2 2 6.48 2 12s4.48 10 10 10 10-4.48 10-10S17.52 2 12 2zm-1 17.93c-3.95-.49-7-3.85-7-7.93 0-.62.08-1.21.21-1.79L9 15v1c0 1.1.9 2 2 2v1.93zm6.9-2.54c-.26-.81-1-1.39-1.9-1.39h-1v-3c0-.55-.45-1-1-1H8v-2h2c.55 0 1-.45 1-1V7h2c1.1 0 2-.9 2-2v-.41c2.93 1.19 5 4.06 5 7.41 0 2.08-.8 3.97-2.1 5.39z" />
+            </svg>
+          </div>
+          <div className="flex-1">
+            <h3 className="text-xl font-semibold text-foreground mb-1">Gerrit</h3>
+            <p className="text-muted-foreground">Connect to Gerrit for code review</p>
+          </div>
+        </div>
+
+        {/* Connected instances list */}
+        {hasInstances && !showForm && (
+          <div className="mb-4 space-y-2">
+            {instances.map((inst) => (
+              <div key={inst.instanceName} className="flex items-center justify-between p-3 rounded-md bg-muted/50 border border-border/40">
+                <div className="flex items-center gap-2 min-w-0">
+                  <span className="w-2 h-2 rounded-full bg-green-500 flex-shrink-0"></span>
+                  <div className="min-w-0">
+                    <p className="text-sm font-medium text-foreground truncate">{inst.instanceName}</p>
+                    <p className="text-xs text-muted-foreground truncate">{inst.url}</p>
+                  </div>
+                </div>
+                <Button
+                  variant="ghost"
+                  size="sm"
+                  onClick={() => handleDisconnect(inst.instanceName)}
+                  disabled={disconnectMutation.isPending}
+                  className="text-destructive hover:text-destructive flex-shrink-0"
+                >
+                  Disconnect
+                </Button>
+              </div>
+            ))}
+          </div>
+        )}
+
+        {/* Status when no instances */}
+        {!hasInstances && !showForm && (
+          <div className="mb-4">
+            <div className="flex items-center gap-2 mb-2">
+              <span className="w-2 h-2 rounded-full bg-gray-400"></span>
+              <span className="text-sm font-medium text-foreground/80">Not Connected</span>
+            </div>
+            <p className="text-muted-foreground">
+              Connect to Gerrit to review changes, submit comments, and manage code reviews across all sessions
+            </p>
+          </div>
+        )}
+
+        {/* Connection form */}
+        {showForm && (
+          <div className="mb-4 space-y-3">
+            <div>
+              <Label htmlFor="gerrit-instance-name" className="text-sm">Instance Name</Label>
+              <Input
+                id="gerrit-instance-name"
+                type="text"
+                placeholder="e.g. openstack, android"
+                value={instanceName}
+                onChange={(e) => setInstanceName(e.target.value.toLowerCase().replace(/[^a-z0-9-]/g, ''))}
+                disabled={connectMutation.isPending}
+                className="mt-1"
+                minLength={2}
+                maxLength={63}
+              />
+              <p className="text-xs text-muted-foreground mt-1">
+                A short name to identify this Gerrit instance (2-63 chars, lowercase, hyphens allowed)
+              </p>
+            </div>
+            <div>
+              <Label htmlFor="gerrit-url" className="text-sm">Gerrit URL</Label>
+              <Input
+                id="gerrit-url"
+                type="url"
+                placeholder="https://review.opendev.org"
+                value={url}
+                onChange={(e) => setUrl(e.target.value)}
+                disabled={connectMutation.isPending}
+                className="mt-1"
+              />
+            </div>
+            <div>
+              <Label className="text-sm">Authentication Method</Label>
+              <div className="flex gap-4 mt-2">
+                <label className="flex items-center gap-2 cursor-pointer">
+                  <input
+                    type="radio"
+                    name="gerrit-auth-method"
+                    value="http_basic"
+                    checked={authMethod === 'http_basic'}
+                    onChange={() => setAuthMethod('http_basic')}
+                    disabled={connectMutation.isPending}
+                    className="accent-primary"
+                  />
+                  <span className="text-sm">HTTP Credentials</span>
+                </label>
+                <label className="flex items-center gap-2 cursor-pointer">
+                  <input
+                    type="radio"
+                    name="gerrit-auth-method"
+                    value="git_cookies"
+                    checked={authMethod === 'git_cookies'}
+                    onChange={() => setAuthMethod('git_cookies')}
+                    disabled={connectMutation.isPending}
+                    className="accent-primary"
+                  />
+                  <span className="text-sm">Gitcookies</span>
+                </label>
+              </div>
+            </div>
+
+            {authMethod === 'http_basic' ? (
+              <>
+                <div>
+                  <Label htmlFor="gerrit-username" className="text-sm">Username</Label>
+                  <Input
+                    id="gerrit-username"
+                    type="text"
+                    placeholder="Your Gerrit username"
+                    value={username}
+                    onChange={(e) => setUsername(e.target.value)}
+                    disabled={connectMutation.isPending}
+                    className="mt-1"
+                  />
+                </div>
+                <div>
+                  <Label htmlFor="gerrit-token" className="text-sm">HTTP Password</Label>
+                  <div className="flex gap-2 mt-1">
+                    <Input
+                      id="gerrit-token"
+                      type={showToken ? 'text' : 'password'}
+                      placeholder="Your Gerrit HTTP password"
+                      value={httpToken}
+                      onChange={(e) => setHttpToken(e.target.value)}
+                      disabled={connectMutation.isPending}
+                    />
+                    <Button
+                      type="button"
+                      variant="ghost"
+                      size="sm"
+                      onClick={() => setShowToken(!showToken)}
+                      disabled={connectMutation.isPending}
+                    >
+                      {showToken ? <EyeOff className="w-4 h-4" /> : <Eye className="w-4 h-4" />}
+                    </Button>
+                  </div>
+                  <p className="text-xs text-muted-foreground mt-1">
+                    Generate an HTTP password in Gerrit Settings &gt; HTTP Credentials
+                  </p>
+                </div>
+              </>
+            ) : (
+              <div>
+                <Label htmlFor="gerrit-gitcookies" className="text-sm">Gitcookies Content</Label>
+                <textarea
+                  id="gerrit-gitcookies"
+                  className="mt-1 w-full rounded-md border border-input bg-background px-3 py-2 text-sm ring-offset-background placeholder:text-muted-foreground focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50 font-mono"
+                  rows={3}
+                  placeholder="Paste your .gitcookies file content here"
+                  value={gitcookiesContent}
+                  onChange={(e) => setGitcookiesContent(e.target.value)}
+                  disabled={connectMutation.isPending}
+                />
+                <p className="text-xs text-muted-foreground mt-1">
+                  Paste the content of your ~/.gitcookies file
+                </p>
+              </div>
+            )}
+
+            <div className="flex gap-2 pt-2">
+              <Button
+                onClick={handleConnect}
+                disabled={connectMutation.isPending || !isFormValid()}
+                className="flex-1"
+              >
+                {connectMutation.isPending ? (
+                  <>
+                    <Loader2 className="h-4 w-4 mr-2 animate-spin" />
+                    Connecting...
+                  </>
+                ) : (
+                  'Save Credentials'
+                )}
+              </Button>
+              <Button
+                variant="outline"
+                onClick={handleTest}
+                disabled={testMutation.isPending || !url || (authMethod === 'http_basic' ? (!username || !httpToken) : !gitcookiesContent)}
+              >
+                {testMutation.isPending ? (
+                  <Loader2 className="h-4 w-4 animate-spin" />
+                ) : (
+                  'Test'
+                )}
+              </Button>
+              <Button
+                variant="outline"
+                onClick={resetForm}
+                disabled={connectMutation.isPending}
+              >
+                Cancel
+              </Button>
+            </div>
+          </div>
+        )}
+
+        {/* Action buttons */}
+        <div className="flex gap-3 mt-auto">
+          {!showForm && (
+            <Button
+              onClick={() => setShowForm(true)}
+              disabled={isLoading}
+              className="bg-primary hover:bg-primary/90 text-primary-foreground"
+            >
+              {hasInstances ? 'Add Instance' : 'Connect Gerrit'}
+            </Button>
+          )}
+        </div>
+      </div>
+    </Card>
+  )
+}
diff --git a/components/frontend/src/services/api/gerrit-auth.ts b/components/frontend/src/services/api/gerrit-auth.ts
new file mode 100644
index 000000000..b0641704d
--- /dev/null
+++ b/components/frontend/src/services/api/gerrit-auth.ts
@@ -0,0 +1,63 @@
+import { apiClient } from './client'
+
+export type GerritAuthMethod = 'http_basic' | 'git_cookies'
+
+export type GerritConnectRequest = {
+  instanceName: string
+  url: string
+  authMethod: GerritAuthMethod
+  username?: string
+  httpToken?: string
+  gitcookiesContent?: string
+}
+
+export type GerritTestRequest = {
+  url: string
+  authMethod: GerritAuthMethod
+  username?: string
+  httpToken?: string
+  gitcookiesContent?: string
+}
+
+export type GerritTestResponse = {
+  valid: boolean
+  message?: string
+  error?: string
+}
+
+export type GerritInstanceStatus = {
+  connected: boolean
+  instanceName: string
+  url: string
+  authMethod: GerritAuthMethod
+  updatedAt: string
+}
+
+export type GerritInstancesResponse = {
+  instances: GerritInstanceStatus[]
+}
+
+/** Connect a Gerrit instance by validating and storing credentials. */
+export async function connectGerrit(data: GerritConnectRequest): Promise<void> {
+  await apiClient.post<void, GerritConnectRequest>('/auth/gerrit/connect', data)
+}
+
+/** Test Gerrit credentials without storing them. */
+export async function testGerritConnection(data: GerritTestRequest): Promise<GerritTestResponse> {
+  return apiClient.post<GerritTestResponse, GerritTestRequest>('/auth/gerrit/test', data)
+}
+
+/** List all connected Gerrit instances for the current user. */
+export async function getGerritInstances(): Promise<GerritInstancesResponse> {
+  return apiClient.get<GerritInstancesResponse>('/auth/gerrit/instances')
+}
+
+/** Get connection status for a specific Gerrit instance. */
+export async function getGerritInstanceStatus(instanceName: string): Promise<GerritInstanceStatus> {
+  return apiClient.get<GerritInstanceStatus>(`/auth/gerrit/${instanceName}/status`)
+}
+
+/** Disconnect a Gerrit instance and remove stored credentials. */
+export async function disconnectGerrit(instanceName: string): Promise<void> {
+  await apiClient.delete<void>(`/auth/gerrit/${instanceName}/disconnect`)
+}
diff --git a/components/frontend/src/services/api/integrations.ts b/components/frontend/src/services/api/integrations.ts
index 60d6addd2..b328609a4 100644
--- a/components/frontend/src/services/api/integrations.ts
+++ b/components/frontend/src/services/api/integrations.ts
@@ -34,6 +34,15 @@ export type IntegrationsStatus = {
     updatedAt?: string
     valid?: boolean
   }
+  gerrit: {
+    instances: {
+      connected: boolean
+      instanceName: string
+      url: string
+      authMethod: 'http_basic' | 'git_cookies'
+      updatedAt: string
+    }[]
+  }
   mcpServers?: Record<string, { connected: boolean; valid?: boolean }>
 }
 
diff --git a/components/frontend/src/services/queries/use-gerrit.ts b/components/frontend/src/services/queries/use-gerrit.ts
new file mode 100644
index 000000000..38d9706c2
--- /dev/null
+++ b/components/frontend/src/services/queries/use-gerrit.ts
@@ -0,0 +1,43 @@
+import { useMutation, useQuery, useQueryClient } from '@tanstack/react-query'
+import * as gerritAuthApi from '../api/gerrit-auth'
+
+/** Hook to fetch all connected Gerrit instances. */
+export function useGerritInstances() {
+  return useQuery({
+    queryKey: ['gerrit', 'instances'],
+    queryFn: () => gerritAuthApi.getGerritInstances(),
+  })
+}
+
+/** Hook to connect a new Gerrit instance with credential validation. */
+export function useConnectGerrit() {
+  const queryClient = useQueryClient()
+
+  return useMutation({
+    mutationFn: gerritAuthApi.connectGerrit,
+    onSuccess: () => {
+      queryClient.invalidateQueries({ queryKey: ['integrations', 'status'] })
+      queryClient.invalidateQueries({ queryKey: ['gerrit', 'instances'] })
+    },
+  })
+}
+
+/** Hook to disconnect a Gerrit instance and remove its credentials. */
+export function useDisconnectGerrit() {
+  const queryClient = useQueryClient()
+
+  return useMutation({
+    mutationFn: gerritAuthApi.disconnectGerrit,
+    onSuccess: () => {
+      queryClient.invalidateQueries({ queryKey: ['integrations', 'status'] })
+      queryClient.invalidateQueries({ queryKey: ['gerrit', 'instances'] })
+    },
+  })
+}
+
+/** Hook to test Gerrit credentials without storing them. */
+export function useTestGerritConnection() {
+  return useMutation({
+    mutationFn: gerritAuthApi.testGerritConnection,
+  })
+}
diff --git a/components/runners/ambient-runner/.mcp.json b/components/runners/ambient-runner/.mcp.json
index 66c145698..d6d66887f 100644
--- a/components/runners/ambient-runner/.mcp.json
+++ b/components/runners/ambient-runner/.mcp.json
@@ -23,6 +23,14 @@
         "READ_ONLY_MODE": "true"
       }
     },
+    "gerrit": {
+      "command": "/opt/gerrit-mcp-server/.venv/bin/python",
+      "args": ["/opt/gerrit-mcp-server/gerrit_mcp_server/main.py", "stdio"],
+      "env": {
+        "PYTHONPATH": "/opt/gerrit-mcp-server/",
+        "GERRIT_CONFIG_PATH": "${GERRIT_CONFIG_PATH}"
+      }
+    },
     "google-workspace": {
       "command": "uvx",
       "args": [
diff --git a/components/runners/ambient-runner/Dockerfile b/components/runners/ambient-runner/Dockerfile
index 515e536e0..57bcea078 100644
--- a/components/runners/ambient-runner/Dockerfile
+++ b/components/runners/ambient-runner/Dockerfile
@@ -62,6 +62,31 @@ RUN dnf install -y go-toolset && \
 # Install uv (provides uvx for package execution) and pre-commit (for repo hooks)
 RUN pip install --no-cache-dir uv pre-commit
 
+# Install Python 3.12 for Gerrit MCP server (requires >=3.12, runner uses 3.11)
+RUN dnf install -y python3.12 python3.12-pip && \
+    dnf clean all
+
+# Install Gerrit MCP server (code review integration for Gerrit-based communities)
+# Pinned to specific commit for reproducibility
+# Uses python3.12 for the venv since gerrit-mcp-server requires Python >=3.12
+RUN set -o pipefail && \
+    git clone https://gerrit.googlesource.com/gerrit-mcp-server /opt/gerrit-mcp-server && \
+    cd /opt/gerrit-mcp-server && \
+    git checkout 5666642afe1a5217e2529225d4bd9c9df6310bd6 && \
+    python3.12 -m venv .venv && \
+    . .venv/bin/activate && \
+    pip install --no-cache-dir --index-url https://pypi.org/simple -r uv-requirements.txt --require-hashes && \
+    uv pip compile pyproject.toml --generate-hashes --output-file requirements.txt --extra dev --extra-index-url https://pypi.org/simple && \
+    uv pip sync requirements.txt && \
+    uv build && \
+    WHEEL_FILE=$(find dist -maxdepth 1 -name '*.whl' -print -quit) && \
+    WHEEL_HASH=$(sha256sum "${WHEEL_FILE}" | awk '{print $1}') && \
+    echo "${WHEEL_FILE} --hash=sha256:${WHEEL_HASH}" > local-requirements.txt && \
+    uv pip install -r local-requirements.txt --no-deps --require-hashes && \
+    rm -f local-requirements.txt && \
+    chown -R 1001:0 /opt/gerrit-mcp-server && \
+    chmod -R g=u /opt/gerrit-mcp-server
+
 # Create working directory
 WORKDIR /app
 
diff --git a/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py b/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py
index 8bed29779..14dd0717a 100644
--- a/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py
+++ b/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py
@@ -30,6 +30,73 @@
 ]
 
 
+def generate_gerrit_config(instances: list[dict]) -> None:
+    """Generate gerrit_config.json and gitcookies file from fetched credentials.
+
+    Creates /tmp/gerrit-mcp/ directory with:
+    - gerrit_config.json: Native Gerrit MCP server config
+    - .gitcookies: Combined gitcookies content (if any instances use git_cookies auth)
+
+    Sets GERRIT_CONFIG_PATH env var to point to the generated config.
+    """
+    if not instances:
+        return
+
+    config_dir = Path("/tmp/gerrit-mcp")
+    config_dir.mkdir(parents=True, exist_ok=True)
+
+    gerrit_hosts = []
+    gitcookies_lines: list[str] = []
+
+    for inst in instances:
+        host_entry: dict = {
+            "name": inst.get("instanceName", ""),
+            "external_url": inst.get("url", ""),
+        }
+
+        auth_method = inst.get("authMethod", "")
+        if auth_method == "http_basic":
+            host_entry["authentication"] = {
+                "type": "http_basic",
+                "username": inst.get("username", ""),
+                "auth_token": inst.get("httpToken", ""),
+            }
+        elif auth_method == "git_cookies":
+            gitcookies_path = str(config_dir / ".gitcookies")
+            content = inst.get("gitcookiesContent", "")
+            if content:
+                gitcookies_lines.append(content.rstrip("\n"))
+            host_entry["authentication"] = {
+                "type": "git_cookies",
+                "gitcookies_path": gitcookies_path,
+            }
+
+        gerrit_hosts.append(host_entry)
+
+    # Write combined gitcookies file if any instances use git_cookies auth
+    if gitcookies_lines:
+        gitcookies_path = config_dir / ".gitcookies"
+        with open(gitcookies_path, "w") as f:
+            f.write("\n".join(gitcookies_lines) + "\n")
+        gitcookies_path.chmod(0o600)
+        logger.info("Wrote combined gitcookies file for Gerrit instances")
+
+    # Build gerrit_config.json
+    gerrit_config: dict = {
+        "gerrit_hosts": gerrit_hosts,
+    }
+    if gerrit_hosts:
+        gerrit_config["default_gerrit_base_url"] = gerrit_hosts[0].get("external_url", "")
+
+    config_path = config_dir / "gerrit_config.json"
+    with open(config_path, "w") as f:
+        json.dump(gerrit_config, f, indent=2)
+    config_path.chmod(0o600)
+
+    os.environ["GERRIT_CONFIG_PATH"] = str(config_path)
+    logger.info(f"Generated Gerrit config with {len(gerrit_hosts)} host(s) at {config_path}")
+
+
 def build_mcp_servers(
     context: RunnerContext,
     cwd_path: str,
@@ -112,8 +179,7 @@ def build_mcp_servers(
         logger.info(
             f"Added backend API MCP tools ({len(backend_tools)}): "
             "acp_list_sessions, acp_get_session, acp_create_session, "
-            "acp_stop_session, acp_send_message, acp_get_session_status, "
-            "acp_restart_session, acp_list_workflows, acp_get_api_reference"
+            "acp_stop_session, acp_send_message, acp_get_api_reference"
         )
 
     return mcp_servers
@@ -146,6 +212,7 @@ def log_auth_status(mcp_servers: dict) -> None:
 def _read_google_credentials(
     workspace_path: Path, secret_path: Path
 ) -> Dict[str, Any] | None:
+    """Read and parse Google OAuth credentials from workspace or secret path."""
     cred_path = workspace_path if workspace_path.exists() else secret_path
     if not cred_path.exists():
         return None
@@ -160,6 +227,7 @@ def _read_google_credentials(
 
 
 def _parse_token_expiry(expiry_str: str) -> datetime | None:
+    """Parse an ISO 8601 token expiry string into a timezone-aware datetime."""
     try:
         expiry_str = expiry_str.replace("Z", "+00:00")
         dt = datetime.fromisoformat(expiry_str)
@@ -174,6 +242,7 @@ def _parse_token_expiry(expiry_str: str) -> datetime | None:
 def _validate_google_token(
     user_creds: Dict[str, Any], user_email: str
 ) -> tuple[bool | None, str]:
+    """Validate Google OAuth token completeness and expiry status."""
     if not user_creds.get("access_token") or not user_creds.get("refresh_token"):
         return False, "Google OAuth credentials incomplete - missing or empty tokens"
 
@@ -261,6 +330,42 @@ def check_mcp_authentication(server_name: str) -> tuple[bool | None, str | None]
 
         return False, "Jira not configured - connect on Integrations page"
 
+    if server_name == "gerrit":
+        config_path = os.getenv("GERRIT_CONFIG_PATH", "")
+        if config_path and Path(config_path).exists():
+            return True, "Gerrit credentials configured"
+
+        # Fallback: check if backend has credentials available
+        try:
+            import urllib.request as _urllib_request
+
+            base = os.getenv("BACKEND_API_URL", "").rstrip("/")
+            project = os.getenv("PROJECT_NAME") or os.getenv(
+                "AGENTIC_SESSION_NAMESPACE", ""
+            )
+            session_id = os.getenv("SESSION_ID", "")
+
+            if base and project and session_id:
+                url = f"{base}/projects/{project.strip()}/agentic-sessions/{session_id}/credentials/gerrit"
+                req = _urllib_request.Request(url, method="GET")
+                bot = (os.getenv("BOT_TOKEN") or "").strip()
+                if bot:
+                    req.add_header("Authorization", f"Bearer {bot}")
+                try:
+                    with _urllib_request.urlopen(req, timeout=3) as resp:
+                        data = json.loads(resp.read())
+                        if data.get("instances"):
+                            return (
+                                True,
+                                "Gerrit credentials available (not yet loaded in session)",
+                            )
+                except Exception as e:
+                    logger.debug(f"Gerrit credential probe failed: {e}")
+        except Exception as e:
+            logger.debug(f"Gerrit credential check setup failed: {e}")
+
+        return False, "Gerrit not configured - connect on Integrations page"
+
     # Generic fallback: check if MCP_{SERVER_NAME}_* env vars are populated
     sanitized = server_name.upper().replace("-", "_")
     prefix = f"MCP_{sanitized}_"
diff --git a/components/runners/ambient-runner/ambient_runner/platform/auth.py b/components/runners/ambient-runner/ambient_runner/platform/auth.py
old mode 100755
new mode 100644
index 6409445bf..978ad7250
--- a/components/runners/ambient-runner/ambient_runner/platform/auth.py
+++ b/components/runners/ambient-runner/ambient_runner/platform/auth.py
@@ -30,7 +30,9 @@
 _EXPIRY_BUFFER_SEC = 5 * 60
 
 # Hardcoded path for Google Workspace MCP credentials (must match populate and clear).
-_GOOGLE_WORKSPACE_CREDS_FILE = Path("/workspace/.google_workspace_mcp/credentials/credentials.json")
+_GOOGLE_WORKSPACE_CREDS_FILE = Path(
+    "/workspace/.google_workspace_mcp/credentials/credentials.json"
+)
 
 
 # ---------------------------------------------------------------------------
@@ -113,7 +115,9 @@ async def _fetch_credential(context: RunnerContext, credential_type: str) -> dic
         or parsed.hostname == "localhost"
         or parsed.hostname == "127.0.0.1"
     ):
-        logger.error(f"Refusing to send credentials to external host: {parsed.hostname}")
+        logger.error(
+            f"Refusing to send credentials to external host: {parsed.hostname}"
+        )
         return {}
 
     logger.info(f"Fetching fresh {credential_type} credentials from: {url}")
@@ -144,18 +148,24 @@ def _do_req():
                 # Caller token expired — fall back to BOT_TOKEN with current
                 # user header. The backend validates this against the active
                 # user set by the proxy when the run started.
-                logger.info(f"Caller token expired for {credential_type}, falling back to BOT_TOKEN")
+                logger.info(
+                    f"Caller token expired for {credential_type}, falling back to BOT_TOKEN"
+                )
                 fallback_req = _urllib_request.Request(url, method="GET")
                 bot = (os.getenv("BOT_TOKEN") or "").strip()
                 if bot:
                     fallback_req.add_header("Authorization", f"Bearer {bot}")
                 if context.current_user_id:
-                    fallback_req.add_header("X-Runner-Current-User", context.current_user_id)
+                    fallback_req.add_header(
+                        "X-Runner-Current-User", context.current_user_id
+                    )
                 try:
                     with _urllib_request.urlopen(fallback_req, timeout=10) as resp:
                         return resp.read().decode("utf-8", errors="replace")
                 except Exception as fallback_err:
-                    logger.warning(f"{credential_type} BOT_TOKEN fallback also failed: {fallback_err}")
+                    logger.warning(
+                        f"{credential_type} BOT_TOKEN fallback also failed: {fallback_err}"
+                    )
                     return ""
             logger.warning(f"{credential_type} credential fetch failed: {e}")
             return ""
@@ -256,6 +266,19 @@ async def fetch_gitlab_token(context: RunnerContext) -> str:
     return data.get("token", "")
 
 
+async def fetch_gerrit_credentials(context: RunnerContext) -> list[dict]:
+    """Fetch all Gerrit instance credentials from backend API.
+
+    Returns list of instance dicts with: instanceName, url, authMethod,
+    username, httpToken, gitcookiesContent
+    """
+    data = await _fetch_credential(context, "gerrit")
+    instances = data.get("instances", [])
+    if instances:
+        logger.info(f"Fetched Gerrit credentials for {len(instances)} instance(s)")
+    return instances
+
+
 async def fetch_token_for_url(context: RunnerContext, url: str) -> str:
     """Fetch appropriate token based on repository URL host."""
     try:
@@ -278,11 +301,12 @@ async def populate_runtime_credentials(context: RunnerContext) -> None:
     logger.info("Fetching fresh credentials from backend API...")
 
     # Fetch all credentials concurrently
-    google_creds, jira_creds, gitlab_creds, github_creds = await asyncio.gather(
+    google_creds, jira_creds, gitlab_creds, github_creds, gerrit_instances = await asyncio.gather(
         fetch_google_credentials(context),
         fetch_jira_credentials(context),
         fetch_gitlab_credentials(context),
         fetch_github_credentials(context),
+        fetch_gerrit_credentials(context),
         return_exceptions=True,
     )
 
@@ -353,6 +377,18 @@ async def populate_runtime_credentials(context: RunnerContext) -> None:
         if github_creds.get("email"):
             git_user_email = github_creds["email"]
 
+    # Gerrit credentials (generate config file for MCP server)
+    if isinstance(gerrit_instances, Exception):
+        logger.warning(f"Failed to fetch Gerrit credentials: {gerrit_instances}")
+    elif gerrit_instances:
+        try:
+            from ambient_runner.bridges.claude.mcp import generate_gerrit_config
+
+            generate_gerrit_config(gerrit_instances)
+            logger.info("Generated Gerrit MCP config from backend credentials")
+        except Exception as e:
+            logger.warning(f"Failed to generate Gerrit config: {e}")
+
     # Configure git identity and credential helper
     await configure_git_identity(git_user_name, git_user_email)
     install_git_credential_helper()
@@ -380,11 +416,29 @@ def clear_runtime_credentials() -> None:
 
     # Clear dynamically-injected MCP credential env vars (set by populate_mcp_server_credentials).
     # Only clear keys matching the MCP_{SERVER}_{FIELD} pattern, not static config like MCP_CONFIG_FILE.
-    mcp_cred_keys = [k for k in os.environ if k.startswith("MCP_") and k.count("_") >= 2 and k != "MCP_CONFIG_FILE"]
+    mcp_cred_keys = [
+        k
+        for k in os.environ
+        if k.startswith("MCP_") and k.count("_") >= 2 and k != "MCP_CONFIG_FILE"
+    ]
     for key in mcp_cred_keys:
         os.environ.pop(key, None)
         cleared.append(key)
 
+    # Remove Gerrit config and gitcookies files
+    gerrit_config_path = os.environ.pop("GERRIT_CONFIG_PATH", None)
+    if gerrit_config_path:
+        cleared.append("GERRIT_CONFIG_PATH")
+    gerrit_dir = Path("/tmp/gerrit-mcp")
+    if gerrit_dir.exists():
+        try:
+            import shutil
+
+            shutil.rmtree(gerrit_dir)
+            cleared.append("gerrit_config_files")
+        except OSError as e:
+            logger.warning(f"Failed to remove Gerrit config directory: {e}")
+
     # Remove Google Workspace credential file if present (uses same hardcoded path as populate_runtime_credentials)
     google_cred_file = _GOOGLE_WORKSPACE_CREDS_FILE
     if google_cred_file.exists():
@@ -510,10 +564,18 @@ def install_git_credential_helper() -> None:
     try:
         helper_path = Path(_GIT_CREDENTIAL_HELPER_PATH)
         helper_path.write_text(_GIT_CREDENTIAL_HELPER_SCRIPT)
-        helper_path.chmod(stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP | stat.S_IROTH | stat.S_IXOTH)  # 755
+        helper_path.chmod(
+            stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP | stat.S_IROTH | stat.S_IXOTH
+        )  # 755
 
         result = subprocess.run(
-            ["git", "config", "--global", "credential.helper", _GIT_CREDENTIAL_HELPER_PATH],
+            [
+                "git",
+                "config",
+                "--global",
+                "credential.helper",
+                _GIT_CREDENTIAL_HELPER_PATH,
+            ],
             capture_output=True,
             timeout=5,
         )
@@ -525,7 +587,9 @@ def install_git_credential_helper() -> None:
             )
             return
         _credential_helper_installed = True
-        logger.info("Installed git credential helper at %s", _GIT_CREDENTIAL_HELPER_PATH)
+        logger.info(
+            "Installed git credential helper at %s", _GIT_CREDENTIAL_HELPER_PATH
+        )
     except Exception as e:
         logger.warning(f"Failed to install git credential helper: {e}")
 
@@ -581,3 +645,4 @@ async def configure_git_identity(user_name: str, user_email: str) -> None:
         logger.warning(f"Failed to configure git identity: {e}")
     except Exception as e:
         logger.error(f"Unexpected error configuring git identity: {e}", exc_info=True)
+
diff --git a/docs/internal/integrations/README.md b/docs/internal/integrations/README.md
index e1ece3487..11f54476f 100644
--- a/docs/internal/integrations/README.md
+++ b/docs/internal/integrations/README.md
@@ -18,10 +18,19 @@ Documentation for integrating the Ambient Code Platform with external services.
 - Clone, commit, and push operations
 - Multi-provider projects (mix GitHub and GitLab)
 
+### Code Review
+
+**[Gerrit Integration](gerrit-integration.md)**
+- Multi-instance support (e.g., OpenStack, Android)
+- HTTP basic and gitcookies authentication
+- MCP server with 21 code review tools
+- Session-scoped credential injection
+
 **Getting Started:**
 - [GitHub Setup Guide](../GITHUB_APP_SETUP.md)
 - [GitLab Token Setup](../gitlab-token-setup.md)
 - [GitLab Self-Hosted Configuration](../gitlab-self-hosted.md)
+- [Gerrit Integration Guide](gerrit-integration.md)
 
 ---
 
@@ -53,6 +62,11 @@ Documentation for integrating the Ambient Code Platform with external services.
 - **Personal Access Tokens** - Primary method
 - **Instance URL** - Support for self-hosted
 
+### Gerrit
+- **HTTP Basic** - Username + HTTP password
+- **Gitcookies** - Cookie-based authentication
+- **Multi-instance** - Connect multiple Gerrit servers
+
 ### Google Workspace
 - **OAuth 2.0** - User authorization
 - **Session-scoped** - Credentials auto-removed after session
@@ -77,6 +91,9 @@ All integrations are configured per-project via:
 - [GitLab Testing](../gitlab-testing-procedures.md) - Test procedures
 - [GitLab API Endpoints](../api/gitlab-endpoints.md) - API reference
 
+### Gerrit
+- [Gerrit Integration](gerrit-integration.md) - Setup and usage guide
+
 ### Google Workspace
 - [Google Workspace Integration](google-workspace.md) - Setup and usage
 
@@ -103,3 +120,4 @@ See [Contributing Guide](../../CONTRIBUTING.md) for development workflow.
 ---
 
 **Questions?** Open a [GitHub Discussion](https://github.com/ambient-code/vTeam/discussions)
+
diff --git a/docs/internal/integrations/gerrit-integration.md b/docs/internal/integrations/gerrit-integration.md
new file mode 100644
index 000000000..5d92a0e3e
--- /dev/null
+++ b/docs/internal/integrations/gerrit-integration.md
@@ -0,0 +1,456 @@
+# Gerrit Integration for Ambient Code Platform
+
+Ambient Code Platform supports Gerrit code review instances, enabling AgenticSessions to interact with Gerrit changes through an MCP (Model Context Protocol) server. This guide covers connecting Gerrit instances, authentication methods, and using the 21 available code review tools.
+
+## Overview
+
+**What's Supported:**
+- Multiple Gerrit instances connected simultaneously (e.g., "openstack", "android")
+- HTTP Basic Auth (username + HTTP password)
+- Gitcookies-based authentication
+- 21 MCP tools for code review operations (browse changes, submit reviews, vote on changes, etc.)
+- Credential validation on connect via Gerrit's `/a/accounts/self` endpoint
+
+**Requirements:**
+- A Gerrit account with HTTP credentials or gitcookies
+- Network connectivity from runner pods to the Gerrit instance
+- Ambient Code Platform backend v1.2.0 or higher
+
+---
+
+## Quick Start
+
+### 1. Obtain Gerrit Credentials
+
+Choose one of the two supported authentication methods.
+
+**Option A: HTTP Basic Auth**
+
+1. Log in to your Gerrit instance (e.g., `https://review.opendev.org`)
+2. Navigate to **Settings** (gear icon or profile menu)
+3. Select **HTTP Credentials** (sometimes labeled "HTTP Password")
+4. Click **Generate Password** if you do not already have one
+5. Copy and save both your **username** and the generated **HTTP password**
+
+**Option B: Gitcookies**
+
+1. Follow your Gerrit instance's instructions for generating gitcookies (often found at `/new-password` on the instance)
+2. Open your local `~/.gitcookies` file
+3. Copy the line(s) corresponding to your Gerrit instance
+4. You will paste this content when connecting
+
+---
+
+### 2. Connect a Gerrit Instance
+
+Each Gerrit instance you connect requires a unique **instance name**. Instance names must be lowercase alphanumeric with hyphens, between 2 and 63 characters (regex: `^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$`).
+
+**Via API (HTTP Basic Auth):**
+```bash
+curl -X POST http://vteam-backend:8080/api/auth/gerrit/connect \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer <your-acp-auth-token>" \
+  -d '{
+    "instanceName": "openstack",
+    "url": "https://review.opendev.org",
+    "authMethod": "http_basic",
+    "username": "john",
+    "httpToken": "abc123"
+  }'
+```
+
+**Via API (Gitcookies):**
+```bash
+curl -X POST http://vteam-backend:8080/api/auth/gerrit/connect \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer <your-acp-auth-token>" \
+  -d '{
+    "instanceName": "android",
+    "url": "https://android-review.googlesource.com",
+    "authMethod": "git_cookies",
+    "gitcookiesContent": ".googlesource.com\tTRUE\t/\tTRUE\t...\to\tgit-user.cookies=..."
+  }'
+```
+
+**Success Response (200 OK):**
+```json
+{
+  "message": "Gerrit instance 'openstack' connected successfully",
+  "instanceName": "openstack",
+  "url": "https://review.opendev.org",
+  "authMethod": "http_basic"
+}
+```
+
+**What Happens on Connect:**
+1. Credentials are validated by calling `GET /a/accounts/self` on the Gerrit instance
+2. If validation passes, credentials are stored in a Kubernetes Secret
+3. The instance becomes available for use in AgenticSessions
+
+---
+
+### 3. Test Credentials (Optional)
+
+You can test credentials before storing them. This calls the same validation endpoint but does not persist anything.
+
+```bash
+curl -X POST http://vteam-backend:8080/api/auth/gerrit/test \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer <your-acp-auth-token>" \
+  -d '{
+    "instanceName": "openstack",
+    "url": "https://review.opendev.org",
+    "authMethod": "http_basic",
+    "username": "john",
+    "httpToken": "abc123"
+  }'
+```
+
+Use this to verify your credentials are correct before committing to a connection.
+
+---
+
+### 4. Use Gerrit in an AgenticSession
+
+Once a Gerrit instance is connected, AgenticSessions automatically have access to the Gerrit MCP server and its 21 code review tools.
+
+**What Happens at Runtime:**
+1. The runner generates a `gerrit_config.json` file at `/tmp/gerrit-mcp/`
+2. The Gerrit MCP server launches in STDIO mode using a Python 3.12 virtual environment
+3. The agent can browse changes, submit reviews, vote, and perform other code review operations through the MCP tools
+
+No additional session configuration is needed -- connected Gerrit instances are available automatically.
+
+---
+
+## Managing Connections
+
+### List Connected Instances
+
+```bash
+curl -X GET http://vteam-backend:8080/api/auth/gerrit/instances \
+  -H "Authorization: Bearer <your-acp-auth-token>"
+```
+
+This returns all Gerrit instances currently connected for your user.
+
+### Check Instance Status
+
+```bash
+curl -X GET http://vteam-backend:8080/api/auth/gerrit/openstack/status \
+  -H "Authorization: Bearer <your-acp-auth-token>"
+```
+
+Replace `openstack` with your instance name.
+
+### Disconnect an Instance
+
+```bash
+curl -X DELETE http://vteam-backend:8080/api/auth/gerrit/openstack/disconnect \
+  -H "Authorization: Bearer <your-acp-auth-token>"
+```
+
+This removes:
+- Stored credentials for the instance from the Kubernetes Secret
+- The instance from your list of connected instances
+- Access to that Gerrit instance in future AgenticSessions
+
+Your Gerrit account and credentials on the Gerrit server itself are not affected.
+
+### Update Credentials
+
+To update credentials for an existing instance (e.g., after an HTTP password rotation):
+
+1. Disconnect the instance
+2. Reconnect with the new credentials using the same instance name
+
+---
+
+## Multi-Instance Support
+
+You can connect multiple Gerrit instances simultaneously. Each instance is identified by its unique instance name.
+
+**Example: Connecting Two Instances**
+
+```bash
+# Connect OpenStack Gerrit
+curl -X POST http://vteam-backend:8080/api/auth/gerrit/connect \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer <your-acp-auth-token>" \
+  -d '{
+    "instanceName": "openstack",
+    "url": "https://review.opendev.org",
+    "authMethod": "http_basic",
+    "username": "john",
+    "httpToken": "abc123"
+  }'
+
+# Connect Android Gerrit
+curl -X POST http://vteam-backend:8080/api/auth/gerrit/connect \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer <your-acp-auth-token>" \
+  -d '{
+    "instanceName": "android",
+    "url": "https://android-review.googlesource.com",
+    "authMethod": "git_cookies",
+    "gitcookiesContent": ".googlesource.com\tTRUE\t/\tTRUE\t..."
+  }'
+```
+
+Both instances will be available to the MCP server during AgenticSessions.
+
+---
+
+## Security
+
+### Credential Storage
+
+- Credentials are stored in a Kubernetes Secret named `gerrit-credentials`
+- Each credential entry uses a compound key: `instanceName.userID`
+- Secrets are encrypted at rest (standard Kubernetes Secret encryption)
+- Credentials are never logged in plaintext
+- Credentials are not exposed in API responses after storage
+
+### Authentication Methods Compared
+
+| Method | Best For | Credential |
+|--------|----------|------------|
+| HTTP Basic Auth | Most Gerrit instances | Username + HTTP password from Gerrit Settings |
+| Gitcookies | Google-hosted instances (e.g., Googlesource) | Content from `~/.gitcookies` file |
+
+### Credential Rotation
+
+**Recommendation:** Rotate credentials whenever your Gerrit HTTP password changes or your gitcookies expire.
+
+**Process:**
+1. Generate new credentials in your Gerrit instance
+2. Test the new credentials using the `/api/auth/gerrit/test` endpoint
+3. Disconnect the existing instance
+4. Reconnect with the new credentials
+
+### Instance Name Rules
+
+Instance names serve as identifiers and must follow these rules:
+- Lowercase letters, digits, and hyphens only
+- Between 2 and 63 characters
+- Must start and end with a letter or digit (not a hyphen)
+- Regex: `^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$`
+
+**Valid examples:** `openstack`, `android`, `my-gerrit-01`
+
+**Invalid examples:** `-bad`, `a` (too short), `UPPER` (uppercase not allowed)
+
+---
+
+## Troubleshooting
+
+### Connection Issues
+
+**Problem:** "Authentication failed" when connecting
+
+**Solutions:**
+1. Verify your credentials are correct by testing them manually:
+   ```bash
+   # For HTTP Basic Auth
+   curl -u "john:abc123" https://review.opendev.org/a/accounts/self
+   ```
+2. Confirm you are using the correct auth method for your instance
+3. For HTTP Basic Auth: regenerate the HTTP password in Gerrit Settings > HTTP Credentials
+4. For gitcookies: confirm the cookie lines correspond to the correct Gerrit host
+
+**Problem:** "Invalid instance name" error
+
+**Solutions:**
+1. Check that the name is 2-63 characters long
+2. Use only lowercase letters, digits, and hyphens
+3. Do not start or end the name with a hyphen
+
+**Problem:** "Instance already connected" error
+
+**Solutions:**
+1. Choose a different instance name, or
+2. Disconnect the existing instance first, then reconnect
+
+---
+
+### Runtime Issues
+
+**Problem:** Gerrit MCP server fails to start in AgenticSession
+
+**Solutions:**
+1. Check session pod logs for Python version errors (Python 3.12 or higher is required):
+   ```bash
+   kubectl logs <session-pod> -n <project-namespace>
+   ```
+2. Verify the instance is still connected:
+   ```bash
+   curl -X GET http://vteam-backend:8080/api/auth/gerrit/instances \
+     -H "Authorization: Bearer <your-acp-auth-token>"
+   ```
+3. Check that the Gerrit instance is reachable from the runner pod:
+   ```bash
+   kubectl exec -it <session-pod> -n <project-namespace> -- \
+     curl -s -o /dev/null -w "%{http_code}" https://review.opendev.org
+   ```
+
+**Problem:** MCP tools return authorization errors during a session
+
+**Solutions:**
+1. Your credentials may have expired or been revoked on the Gerrit server
+2. Disconnect and reconnect with fresh credentials
+3. Verify your Gerrit account still has the necessary permissions
+
+---
+
+### Network Issues
+
+**Problem:** Connection times out
+
+**Solutions:**
+1. Verify the Gerrit URL is correct and includes `https://`
+2. Check network connectivity from backend pods:
+   ```bash
+   kubectl exec -it <backend-pod> -n vteam-backend -- \
+     curl -s -o /dev/null -w "%{http_code}" https://review.opendev.org
+   ```
+3. Check firewall rules allow traffic from the Kubernetes cluster to the Gerrit host
+4. Verify SSL/TLS certificates are valid
+
+---
+
+## API Reference
+
+### Connect Gerrit Instance
+
+```http
+POST /api/auth/gerrit/connect
+Content-Type: application/json
+Authorization: Bearer <acp-token>
+```
+
+**Request Body (HTTP Basic Auth):**
+```json
+{
+  "instanceName": "openstack",
+  "url": "https://review.opendev.org",
+  "authMethod": "http_basic",
+  "username": "john",
+  "httpToken": "abc123"
+}
+```
+
+**Request Body (Gitcookies):**
+```json
+{
+  "instanceName": "android",
+  "url": "https://android-review.googlesource.com",
+  "authMethod": "git_cookies",
+  "gitcookiesContent": ".googlesource.com\tTRUE\t/\tTRUE\t...\to\tgit-user.cookies=..."
+}
+```
+
+**Response (200 OK):**
+```json
+{
+  "message": "Gerrit instance 'openstack' connected successfully",
+  "instanceName": "openstack",
+  "url": "https://review.opendev.org",
+  "authMethod": "http_basic"
+}
+```
+
+---
+
+### Test Gerrit Credentials
+
+```http
+POST /api/auth/gerrit/test
+Content-Type: application/json
+Authorization: Bearer <acp-token>
+```
+
+Request body is identical to the connect endpoint. Validates credentials without storing them.
+
+---
+
+### List Connected Instances
+
+```http
+GET /api/auth/gerrit/instances
+Authorization: Bearer <acp-token>
+```
+
+**Response (200 OK):**
+Returns a list of all connected Gerrit instances for the authenticated user.
+
+---
+
+### Get Instance Status
+
+```http
+GET /api/auth/gerrit/:instanceName/status
+Authorization: Bearer <acp-token>
+```
+
+**Response (200 OK):**
+Returns the current status of the specified Gerrit instance.
+
+---
+
+### Disconnect Gerrit Instance
+
+```http
+DELETE /api/auth/gerrit/:instanceName/disconnect
+Authorization: Bearer <acp-token>
+```
+
+**Response (200 OK):**
+Removes stored credentials and disconnects the instance.
+
+---
+
+## FAQ
+
+**Q: Can I connect multiple Gerrit instances at the same time?**
+A: Yes. Each instance requires a unique instance name. You can connect as many instances as you need (e.g., "openstack", "android", "internal").
+
+**Q: Which authentication method should I use?**
+A: Use HTTP Basic Auth for most Gerrit instances. Use gitcookies for Google-hosted instances (such as those on `googlesource.com`) where gitcookies are the standard authentication mechanism.
+
+**Q: What happens if my HTTP password changes on the Gerrit server?**
+A: AgenticSessions will fail to authenticate with that instance. Disconnect the instance and reconnect with the new credentials.
+
+**Q: Do I need to configure anything in the AgenticSession to use Gerrit?**
+A: No. Connected Gerrit instances are automatically available to the MCP server during sessions. The runner handles configuration and MCP server startup.
+
+**Q: What tools does the Gerrit MCP server provide?**
+A: The MCP server provides 21 tools for code review operations, including browsing changes, submitting reviews, voting on changes, and other Gerrit workflow actions.
+
+**Q: Can I use Gerrit alongside GitHub and GitLab integrations?**
+A: Yes. The Gerrit integration is independent of GitHub and GitLab integrations. All three can be used simultaneously within the same Ambient Code Platform deployment.
+
+**Q: What Python version does the Gerrit MCP server require?**
+A: The Gerrit MCP server requires Python 3.12 or higher. The runner creates a dedicated virtual environment for it automatically.
+
+**Q: How do I know if my credentials are valid before connecting?**
+A: Use the `/api/auth/gerrit/test` endpoint. It validates credentials against the Gerrit instance without storing them.
+
+**Q: What is the instance name used for?**
+A: The instance name is a user-chosen identifier that distinguishes between multiple Gerrit instances. It is used in API paths (e.g., `/api/auth/gerrit/openstack/status`) and as part of the credential storage key.
+
+**Q: Can two users connect the same Gerrit instance with the same instance name?**
+A: Yes. Instance names are scoped per user. Two different users can both have an instance named "openstack" without conflict, as credentials are stored with a compound key of `instanceName.userID`.
+
+---
+
+## Support and Resources
+
+**Troubleshooting:**
+- Check backend logs: `kubectl logs -l app=vteam-backend -n vteam-backend`
+- Check session logs: `kubectl logs <session-pod> -n <project-namespace>`
+- Verify Gerrit instance availability by accessing it directly in a browser
+
+**Gerrit Resources:**
+- [Gerrit REST API Documentation](https://gerrit-review.googlesource.com/Documentation/rest-api.html)
+- [Gerrit HTTP Credentials](https://gerrit-review.googlesource.com/Documentation/user-upload.html#http)
+- [Gitcookies Authentication](https://gerrit-review.googlesource.com/Documentation/user-upload.html#cookies)
diff --git a/specs/001-gerrit-integration/checklists/requirements.md b/specs/001-gerrit-integration/checklists/requirements.md
new file mode 100644
index 000000000..532f077a3
--- /dev/null
+++ b/specs/001-gerrit-integration/checklists/requirements.md
@@ -0,0 +1,37 @@
+# Specification Quality Checklist: Gerrit Integration Connector
+
+**Purpose**: Validate specification completeness and quality before proceeding to planning
+**Created**: 2026-03-24
+**Feature**: [spec.md](../spec.md)
+
+## Content Quality
+
+- [x] No implementation details (languages, frameworks, APIs)
+- [x] Focused on user value and business needs
+- [x] Written for non-technical stakeholders
+- [x] All mandatory sections completed
+
+## Requirement Completeness
+
+- [x] No [NEEDS CLARIFICATION] markers remain
+- [x] Requirements are testable and unambiguous
+- [x] Success criteria are measurable
+- [x] Success criteria are technology-agnostic (no implementation details)
+- [x] All acceptance scenarios are defined
+- [x] Edge cases are identified
+- [x] Scope is clearly bounded
+- [x] Dependencies and assumptions identified
+
+## Feature Readiness
+
+- [x] All functional requirements have clear acceptance criteria
+- [x] User scenarios cover primary flows
+- [x] Feature meets measurable outcomes defined in Success Criteria
+- [x] No implementation details leak into specification
+
+## Notes
+
+- All items pass validation. The spec is ready for `/speckit.plan`.
+- Clarification session on 2026-03-24 resolved 3 questions: gitcookies input method (paste), write operations scope (all enabled), multi-instance behavior (all auto-available).
+- The Assumptions section documents reasonable defaults for deployment mode (STDIO) and credential storage pattern (existing MCP server credentials).
+- Out of Scope section clearly bounds the feature to code review API integration, excluding Git transport and admin operations.
diff --git a/specs/001-gerrit-integration/contracts/frontend-types.ts b/specs/001-gerrit-integration/contracts/frontend-types.ts
new file mode 100644
index 000000000..bf74e6bf9
--- /dev/null
+++ b/specs/001-gerrit-integration/contracts/frontend-types.ts
@@ -0,0 +1,48 @@
+/**
+ * Frontend TypeScript types for the Gerrit Integration.
+ * These extend the existing IntegrationsStatus type.
+ */
+
+// --- API Request/Response Types ---
+
+export type GerritAuthMethod = 'http_basic' | 'git_cookies'
+
+export interface GerritConnectRequest {
+  instanceName: string
+  url: string
+  authMethod: GerritAuthMethod
+  username?: string       // Required when authMethod is 'http_basic'
+  httpToken?: string      // Required when authMethod is 'http_basic'
+  gitcookiesContent?: string // Required when authMethod is 'git_cookies'
+}
+
+export interface GerritConnectResponse {
+  message: string
+  instanceName: string
+  url: string
+  authMethod: GerritAuthMethod
+}
+
+export interface GerritInstanceStatus {
+  connected: boolean
+  instanceName: string
+  url?: string
+  authMethod?: GerritAuthMethod
+  updatedAt?: string
+}
+
+export interface GerritTestResponse {
+  valid: boolean
+  error?: string
+}
+
+export interface GerritInstancesListResponse {
+  instances: GerritInstanceStatus[]
+}
+
+// --- Extension to existing IntegrationsStatus ---
+
+// Add to existing IntegrationsStatus type:
+// gerrit: {
+//   instances: GerritInstanceStatus[]
+// }
diff --git a/specs/001-gerrit-integration/contracts/gerrit-api.yaml b/specs/001-gerrit-integration/contracts/gerrit-api.yaml
new file mode 100644
index 000000000..5c8f05509
--- /dev/null
+++ b/specs/001-gerrit-integration/contracts/gerrit-api.yaml
@@ -0,0 +1,266 @@
+openapi: 3.0.3
+info:
+  title: Gerrit Integration API
+  description: API endpoints for the Gerrit integration connector in Ambient Code Platform
+  version: 1.0.0
+
+security:
+  - bearerAuth: []
+
+paths:
+  /api/auth/gerrit/connect:
+    post:
+      summary: Connect a Gerrit instance
+      description: >
+        Validates and stores Gerrit credentials for the authenticated user.
+        Supports both HTTP basic auth and gitcookies authentication methods.
+      operationId: connectGerrit
+      tags: [Gerrit Integration]
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/GerritConnectRequest'
+      responses:
+        '200':
+          description: Successfully connected
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GerritConnectResponse'
+        '400':
+          description: Invalid request (missing fields, invalid URL, etc.)
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ErrorResponse'
+        '401':
+          description: Gerrit credentials are invalid (validation failed)
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ErrorResponse'
+
+  /api/auth/gerrit/{instanceName}/status:
+    get:
+      summary: Get Gerrit instance connection status
+      operationId: getGerritStatus
+      tags: [Gerrit Integration]
+      parameters:
+        - name: instanceName
+          in: path
+          required: true
+          schema:
+            type: string
+            pattern: '^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$'
+      responses:
+        '200':
+          description: Connection status
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GerritStatusResponse'
+
+  /api/auth/gerrit/{instanceName}/disconnect:
+    delete:
+      summary: Disconnect a Gerrit instance
+      operationId: disconnectGerrit
+      tags: [Gerrit Integration]
+      parameters:
+        - name: instanceName
+          in: path
+          required: true
+          schema:
+            type: string
+      responses:
+        '200':
+          description: Successfully disconnected
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/MessageResponse'
+        '404':
+          description: Instance not found
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ErrorResponse'
+
+  /api/auth/gerrit/test:
+    post:
+      summary: Test Gerrit credentials without storing
+      operationId: testGerritConnection
+      tags: [Gerrit Integration]
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/GerritConnectRequest'
+      responses:
+        '200':
+          description: Validation result
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GerritTestResponse'
+
+  /api/auth/gerrit/instances:
+    get:
+      summary: List all connected Gerrit instances for the user
+      operationId: listGerritInstances
+      tags: [Gerrit Integration]
+      responses:
+        '200':
+          description: List of connected instances
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GerritInstancesListResponse'
+
+  /api/projects/{projectName}/agentic-sessions/{sessionName}/credentials/gerrit:
+    get:
+      summary: Fetch Gerrit credentials for a session (runner use)
+      description: >
+        Returns all Gerrit credentials for the session owner. Used by the runner
+        at session startup to generate the gerrit_config.json file.
+      operationId: getGerritCredentialsForSession
+      tags: [Session Credentials]
+      parameters:
+        - name: projectName
+          in: path
+          required: true
+          schema:
+            type: string
+        - name: sessionName
+          in: path
+          required: true
+          schema:
+            type: string
+      responses:
+        '200':
+          description: Gerrit credentials for the session user
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GerritSessionCredentialsResponse'
+        '403':
+          description: Access denied (RBAC check failed)
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ErrorResponse'
+
+components:
+  securitySchemes:
+    bearerAuth:
+      type: http
+      scheme: bearer
+      description: JWT bearer token from platform authentication
+  schemas:
+    GerritConnectRequest:
+      type: object
+      required: [instanceName, url, authMethod]
+      properties:
+        instanceName:
+          type: string
+          description: User-assigned name for this instance
+          pattern: '^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$'
+          example: openstack
+        url:
+          type: string
+          format: uri
+          description: Gerrit instance base URL
+          example: https://review.opendev.org
+        authMethod:
+          type: string
+          enum: [http_basic, git_cookies]
+          description: Authentication method
+        username:
+          type: string
+          description: Gerrit username (required for http_basic)
+        httpToken:
+          type: string
+          description: HTTP password/access token (required for http_basic)
+        gitcookiesContent:
+          type: string
+          description: Raw gitcookies file content (required for git_cookies)
+
+    GerritConnectResponse:
+      type: object
+      properties:
+        message:
+          type: string
+          example: Gerrit instance 'openstack' connected successfully
+        instanceName:
+          type: string
+        url:
+          type: string
+        authMethod:
+          type: string
+
+    GerritStatusResponse:
+      type: object
+      properties:
+        connected:
+          type: boolean
+        instanceName:
+          type: string
+        url:
+          type: string
+        authMethod:
+          type: string
+        updatedAt:
+          type: string
+          format: date-time
+
+    GerritTestResponse:
+      type: object
+      properties:
+        valid:
+          type: boolean
+        error:
+          type: string
+          description: Error message if validation failed
+
+    GerritInstancesListResponse:
+      type: object
+      properties:
+        instances:
+          type: array
+          items:
+            $ref: '#/components/schemas/GerritStatusResponse'
+
+    GerritSessionCredentialsResponse:
+      type: object
+      properties:
+        instances:
+          type: array
+          items:
+            type: object
+            properties:
+              instanceName:
+                type: string
+              url:
+                type: string
+              authMethod:
+                type: string
+              username:
+                type: string
+              httpToken:
+                type: string
+              gitcookiesContent:
+                type: string
+
+    MessageResponse:
+      type: object
+      properties:
+        message:
+          type: string
+
+    ErrorResponse:
+      type: object
+      properties:
+        error:
+          type: string
diff --git a/specs/001-gerrit-integration/data-model.md b/specs/001-gerrit-integration/data-model.md
new file mode 100644
index 000000000..dae1f764b
--- /dev/null
+++ b/specs/001-gerrit-integration/data-model.md
@@ -0,0 +1,107 @@
+# Data Model: Gerrit Integration Connector
+
+**Branch**: `001-gerrit-integration` | **Date**: 2026-03-24
+
+## Entities
+
+### GerritCredentials
+
+Represents a user's connection to a single Gerrit instance.
+
+| Field              | Type      | Required | Description                                                  |
+|--------------------|-----------|----------|--------------------------------------------------------------|
+| userID             | string    | Yes      | Platform user identifier (from auth context)                 |
+| instanceName       | string    | Yes      | User-assigned name for this Gerrit instance (e.g., "openstack") |
+| url                | string    | Yes      | Gerrit instance base URL (e.g., `https://review.opendev.org`) |
+| authMethod         | enum      | Yes      | One of: `http_basic`, `git_cookies`                          |
+| username           | string    | Conditional | Required when authMethod is `http_basic`                  |
+| httpToken          | string    | Conditional | HTTP password/access token. Required when authMethod is `http_basic` |
+| gitcookiesContent  | string    | Conditional | Raw gitcookies file content. Required when authMethod is `git_cookies` |
+| updatedAt          | timestamp | Yes      | Last modification time (RFC3339)                             |
+
+**Identity**: Unique by `(instanceName, userID)`.
+
+**Validation rules**:
+- `url` must be a valid HTTPS URL (HTTP allowed for local development only)
+- `instanceName` must match `^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$` (lowercase, alphanumeric with hyphens, 1-63 chars)
+- When `authMethod` is `http_basic`: both `username` and `httpToken` must be non-empty
+- When `authMethod` is `git_cookies`: `gitcookiesContent` must be non-empty and contain at least one cookie line for the target host
+
+### GerritIntegrationStatus
+
+Read-only projection used for status reporting. Not stored separately.
+
+| Field         | Type    | Description                                      |
+|---------------|---------|--------------------------------------------------|
+| connected     | boolean | Whether credentials exist for this instance       |
+| instanceName  | string  | User-assigned name                                |
+| url           | string  | Gerrit instance URL                               |
+| authMethod    | string  | Authentication method in use                      |
+| updatedAt     | string  | When credentials were last updated                |
+
+## Storage
+
+### Kubernetes Secret: `gerrit-credentials`
+
+| Aspect          | Value                                        |
+|-----------------|----------------------------------------------|
+| Secret name     | `gerrit-credentials`                         |
+| Namespace       | Platform namespace (same as other creds)     |
+| Labels          | `app: ambient-code`, `ambient-code.io/provider: gerrit` |
+| Data key format | `{instanceName}:{userID}`                    |
+| Data value      | JSON-marshaled `GerritCredentials`           |
+
+**Multi-instance**: A user with two Gerrit instances ("openstack" and "android") has two entries in the same secret:
+- Key: `openstack:user123` → Value: `{"userID":"user123","instanceName":"openstack","url":"https://review.opendev.org",...}`
+- Key: `android:user123` → Value: `{"userID":"user123","instanceName":"android","url":"https://android-review.googlesource.com",...}`
+
+## Runtime Configuration
+
+### Generated `gerrit_config.json`
+
+At session startup, the runner generates this file from fetched credentials:
+
+```json
+{
+  "default_gerrit_base_url": "https://review.opendev.org/",
+  "gerrit_hosts": [
+    {
+      "name": "openstack",
+      "external_url": "https://review.opendev.org/",
+      "authentication": {
+        "type": "http_basic",
+        "username": "user",
+        "auth_token": "token"
+      }
+    },
+    {
+      "name": "android",
+      "external_url": "https://android-review.googlesource.com/",
+      "authentication": {
+        "type": "git_cookies",
+        "gitcookies_path": "/tmp/gerrit-mcp/.gitcookies"
+      }
+    }
+  ]
+}
+```
+
+For `git_cookies` auth, the runner also writes the gitcookies content to a temporary file and references its path in the config.
+
+## State Transitions
+
+```
+[Not Connected] --connect()--> [Connected]
+[Connected]     --disconnect()--> [Not Connected]
+[Connected]     --connect() with same instanceName--> [Connected] (credentials updated)
+```
+
+No intermediate states. Connection is synchronous (validate + store).
+
+## Relationships
+
+```
+User (1) ---has many---> GerritCredentials (N)
+GerritCredentials (N) ---generates at runtime---> gerrit_config.json (1 per session)
+gerrit_config.json (1) ---consumed by---> Gerrit MCP Server (1 per session)
+```
diff --git a/specs/001-gerrit-integration/plan.md b/specs/001-gerrit-integration/plan.md
new file mode 100644
index 000000000..1eabe24da
--- /dev/null
+++ b/specs/001-gerrit-integration/plan.md
@@ -0,0 +1,140 @@
+# Implementation Plan: Gerrit Integration Connector
+
+**Branch**: `001-gerrit-integration` | **Date**: 2026-03-24 | **Spec**: [spec.md](spec.md)
+**Input**: Feature specification from `/specs/001-gerrit-integration/spec.md`
+
+## Summary
+
+Add Gerrit as a first-class integration connector in Ambient Code Platform, enabling users to connect their Gerrit code review instances and use AI-assisted code review workflows through the open-source Gerrit MCP server. The implementation follows existing integration patterns (Jira, GitLab) with a dedicated backend handler, frontend connection card, and runner-side credential injection that generates the Gerrit MCP server's native `gerrit_config.json` at runtime.
+
+## Technical Context
+
+**Language/Version**: Go 1.22+ (backend/operator), TypeScript/React (frontend), Python 3.12+ (runner, Gerrit MCP server)
+**Primary Dependencies**: Gin (Go HTTP), React/Shadcn (frontend), gerrit-mcp-server (MCP tools), mcp SDK (Python)
+**Storage**: Kubernetes Secrets (credential storage, same pattern as existing integrations)
+**Testing**: `go test` (backend), Vitest (frontend), pytest (runner)
+**Target Platform**: Kubernetes (Linux containers)
+**Project Type**: Multi-component platform (backend + frontend + runner + operator)
+**Performance Goals**: Credential validation < 30 seconds, MCP tool invocations complete within Gerrit API response times
+**Constraints**: No new CRDs, no new K8s operators; fits within existing integration framework
+**Scale/Scope**: Support multiple Gerrit instances per user, standard platform user base
+
+## Constitution Check
+
+*GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.*
+
+No project-specific constitution defined. Default engineering principles apply:
+- No `panic()` in production Go code
+- No `any` types in frontend TypeScript
+- User token auth for all user-facing API operations
+- OwnerReferences on all child K8s resources
+- Conventional commits
+
+**Pre-design gate**: PASS (no violations)
+**Post-design gate**: PASS (design follows all existing patterns, no new abstractions introduced)
+
+## Project Structure
+
+### Documentation (this feature)
+
+```text
+specs/001-gerrit-integration/
+├── plan.md              # This file
+├── research.md          # Phase 0: Technology research and decisions
+├── data-model.md        # Phase 1: Entity definitions and storage design
+├── quickstart.md        # Phase 1: Development setup guide
+├── contracts/
+│   ├── gerrit-api.yaml  # Phase 1: OpenAPI contract
+│   └── frontend-types.ts # Phase 1: TypeScript type definitions
+└── tasks.md             # Phase 2: Task breakdown (created by /speckit.tasks)
+```
+
+### Source Code (repository root)
+
+```text
+components/backend/
+├── handlers/
+│   ├── gerrit_auth.go              # NEW: Connect/disconnect/status/test handlers
+│   ├── integrations_status.go      # MODIFY: Add Gerrit to unified status
+│   ├── integration_validation.go   # MODIFY: Add ValidateGerritToken()
+│   └── runtime_credentials.go      # MODIFY: Add session-scoped Gerrit fetch
+└── routes.go                       # MODIFY: Register Gerrit routes
+
+components/frontend/src/
+├── components/
+│   └── gerrit-connection-card.tsx   # NEW: Connection card with auth method toggle
+├── services/
+│   ├── api/
+│   │   ├── gerrit-auth.ts          # NEW: API client functions
+│   │   └── integrations.ts         # MODIFY: Add Gerrit to status type
+│   └── queries/
+│       └── use-gerrit.ts           # NEW: React Query hooks
+└── app/integrations/
+    └── IntegrationsClient.tsx       # MODIFY: Add GerritConnectionCard to grid
+
+components/runners/ambient-runner/
+├── .mcp.json                        # MODIFY: Add Gerrit MCP server entry
+├── Dockerfile                       # MODIFY: Bundle Gerrit MCP server
+└── ambient_runner/
+    ├── platform/
+    │   └── auth.py                  # MODIFY: Add Gerrit credential fetching
+    └── bridges/claude/
+        └── mcp.py                   # MODIFY: Add Gerrit config generation + auth check
+```
+
+**Structure Decision**: This feature adds files across three existing components (backend, frontend, runner) following the established integration pattern. No new components or services are introduced. The Gerrit MCP server is bundled into the runner image at build time.
+
+## Design Decisions
+
+### D1: Dedicated Handler vs Generic MCP Credentials
+
+**Chosen**: Dedicated handler (`gerrit_auth.go`) following Jira/GitLab pattern.
+
+**Why**: Gerrit requires auth method selection (HTTP vs gitcookies), dedicated validation against the Gerrit REST API, and a custom connection card UI. The generic MCP pattern (`map[string]string` fields) lacks typed validation, auth method switching, and multi-instance listing.
+
+### D2: Runtime Config File Generation
+
+**Chosen**: Runner generates `gerrit_config.json` at session startup from fetched credentials.
+
+**Why**: The Gerrit MCP server reads configuration from a JSON file (configurable via `GERRIT_CONFIG_PATH`), not from environment variables. This is different from Jira/GitLab which use env vars directly. The runner must:
+1. Fetch all Gerrit credentials for the user from the backend
+2. Generate a `gerrit_config.json` with one `gerrit_hosts` entry per connected instance
+3. For gitcookies auth, write cookie content to a temp file and reference its path
+4. Set `GERRIT_CONFIG_PATH` before launching the MCP server
+
+### D3: Multi-Instance Secret Key Format
+
+**Chosen**: `{instanceName}:{userID}` keys within a single `gerrit-credentials` secret.
+
+**Why**: Consistent with the MCP credentials pattern (`serverName:userID`). Allows listing all instances for a user by scanning keys ending with `:userID`. Single secret simplifies cleanup and backup.
+
+### D4: Credential Validation Endpoint
+
+**Chosen**: `GET /a/accounts/self` on the Gerrit REST API.
+
+**Why**: Lightest authenticated endpoint. Returns the authenticated user's account info. Works with both HTTP basic and gitcookies auth. Returns 401 for invalid credentials. Must handle Gerrit's XSSI protection prefix (`)]}'`).
+
+### D5: Gerrit MCP Server Bundling
+
+**Chosen**: Clone at pinned commit and build in Dockerfile.
+
+**Why**: Not published on PyPI, cannot use `uvx`. Build script creates a venv with hash-verified dependencies. Pinning to a specific commit ensures reproducibility.
+
+## Component Interaction Flow
+
+```
+[User] → [Frontend: GerritConnectionCard]
+         → POST /api/auth/gerrit/connect
+         → [Backend: ConnectGerrit handler]
+            → ValidateGerritToken (GET /a/accounts/self on Gerrit instance)
+            → Store in K8s Secret (gerrit-credentials)
+            → Return success
+
+[User creates session] → [Operator creates Job]
+         → [Runner startup]
+            → fetch_gerrit_credentials() from backend API
+            → Generate gerrit_config.json + gitcookies temp file
+            → Set GERRIT_CONFIG_PATH env var
+            → Launch Gerrit MCP server in STDIO mode
+            → Agent has access to 21 Gerrit tools
+```
diff --git a/specs/001-gerrit-integration/quickstart.md b/specs/001-gerrit-integration/quickstart.md
new file mode 100644
index 000000000..d6460e02f
--- /dev/null
+++ b/specs/001-gerrit-integration/quickstart.md
@@ -0,0 +1,94 @@
+# Quickstart: Gerrit Integration Connector
+
+**Branch**: `001-gerrit-integration` | **Date**: 2026-03-24
+
+## Prerequisites
+
+- Local Kind cluster running (`make kind-up`)
+- Platform deployed (`make deploy`)
+- Access to a Gerrit instance for testing (e.g., `https://review.opendev.org`)
+- Gerrit HTTP credentials or gitcookies for your account
+
+## Development Setup
+
+### 1. Backend (Go)
+
+```bash
+cd components/backend
+# After adding new handler files:
+go vet ./...
+gofmt -l .
+go build ./...
+```
+
+### 2. Frontend (TypeScript)
+
+```bash
+cd components/frontend
+npm install
+npm run dev  # http://localhost:3000
+```
+
+### 3. Runner (Python)
+
+```bash
+cd components/runners/ambient-runner
+uv venv && uv pip install -e .
+
+# Clone and build Gerrit MCP server locally for testing:
+git clone https://gerrit.googlesource.com/gerrit-mcp-server /tmp/gerrit-mcp-server
+cd /tmp/gerrit-mcp-server && ./build-gerrit.sh
+```
+
+## Key Files to Modify
+
+### Backend
+| File | Action |
+|------|--------|
+| `handlers/gerrit_auth.go` | **Create** - Connect/disconnect/status/test handlers |
+| `handlers/integrations_status.go` | **Modify** - Add Gerrit to unified status |
+| `handlers/integration_validation.go` | **Modify** - Add `ValidateGerritToken()` |
+| `handlers/runtime_credentials.go` | **Modify** - Add session-scoped Gerrit credential fetch |
+| `routes.go` | **Modify** - Register Gerrit routes |
+
+### Frontend
+| File | Action |
+|------|--------|
+| `components/gerrit-connection-card.tsx` | **Create** - Connection UI with auth method toggle |
+| `services/api/gerrit-auth.ts` | **Create** - API client functions |
+| `services/queries/use-gerrit.ts` | **Create** - React Query hooks |
+| `services/api/integrations.ts` | **Modify** - Add Gerrit to IntegrationsStatus type |
+| `app/integrations/IntegrationsClient.tsx` | **Modify** - Add GerritConnectionCard to grid |
+
+### Runner
+| File | Action |
+|------|--------|
+| `.mcp.json` | **Modify** - Add Gerrit MCP server entry |
+| `ambient_runner/platform/auth.py` | **Modify** - Add Gerrit credential fetching |
+| `ambient_runner/bridges/claude/mcp.py` | **Modify** - Add Gerrit config generation and auth check |
+| `Dockerfile` | **Modify** - Bundle Gerrit MCP server |
+
+## Testing the Integration
+
+### Manual Test Flow
+
+1. Start the platform locally
+2. Navigate to Integrations page
+3. Click "Connect Gerrit"
+4. Enter instance name, URL, and credentials
+5. Verify "Connected" status appears
+6. Create a new session
+7. Ask the agent: "List my open changes on Gerrit"
+8. Verify the agent returns results from the Gerrit instance
+
+### Credential Validation Test
+
+```bash
+# Test HTTP basic auth against Gerrit REST API:
+curl -u "username:http_password" "https://review.opendev.org/a/accounts/self" | tail -c +5 | jq .
+
+# Test with gitcookies:
+curl -b ~/.gitcookies "https://review.opendev.org/a/accounts/self" | tail -c +5 | jq .
+```
+
+Note: Gerrit REST API responses are prefixed with `)]}'` (XSSI protection). The `tail -c +5` strips this prefix.
diff --git a/specs/001-gerrit-integration/research.md b/specs/001-gerrit-integration/research.md
new file mode 100644
index 000000000..2dfbf4c0d
--- /dev/null
+++ b/specs/001-gerrit-integration/research.md
@@ -0,0 +1,136 @@
+# Research: Gerrit Integration Connector
+
+**Branch**: `001-gerrit-integration` | **Date**: 2026-03-24
+
+## R1: Gerrit MCP Server Capabilities & Configuration
+
+**Decision**: Use the open-source Gerrit MCP server from `gerrit.googlesource.com/gerrit-mcp-server` as-is, bundled into the runner image.
+
+**Rationale**: The project is maintained by the Gerrit community, exposes 21 MCP tools covering all code review operations needed (query, review, comment, manage), and supports the two authentication methods required (HTTP basic and gitcookies). Building from source is straightforward with a single shell script.
+
+**Alternatives considered**:
+- Community npm package (`@hicho-lge/gerrit-mcp`): Less mature, fewer tools, not maintained by Gerrit project.
+- Building a custom MCP server: Unnecessary duplication of effort; the official server already covers all required operations.
+
+### Key Technical Details
+
+**21 MCP Tools Available**: `query_changes`, `query_changes_by_date_and_filters`, `get_change_details`, `get_commit_message`, `list_change_files`, `get_file_diff`, `list_change_comments`, `get_bugs_from_cl`, `get_most_recent_cl`, `suggest_reviewers`, `add_reviewer`, `set_ready_for_review`, `set_work_in_progress`, `post_review_comment`, `abandon_change`, `set_topic`, `create_change`, `revert_change`, `revert_submission`, `changes_submitted_together`.
+
+**Configuration**: Uses `gerrit_config.json` file (path overrideable via `GERRIT_CONFIG_PATH` env var):
+```json
+{
+  "default_gerrit_base_url": "https://review.opendev.org/",
+  "gerrit_hosts": [
+    {
+      "name": "OpenStack",
+      "external_url": "https://review.opendev.org/",
+      "authentication": {
+        "type": "http_basic",
+        "username": "user",
+        "auth_token": "token"
+      }
+    }
+  ]
+}
+```
+
+**Authentication types**: `http_basic` (username + auth_token) and `git_cookies` (gitcookies_path). A third type `gob_curl` exists but is Google-internal only — out of scope.
+
+**STDIO launch**: `.venv/bin/python gerrit_mcp_server/main.py stdio` with `PYTHONPATH` set to project root.
+
+**Dependencies**: Python 3.12+, `mcp`, `uvicorn`, `websockets`, system `curl`.
+
+**Not on PyPI**: Must be built from source via `./build-gerrit.sh` (creates venv, installs deps with hash verification).
+
+---
+
+## R2: Platform Integration Architecture Patterns
+
+**Decision**: Use a dedicated backend handler pattern (like Jira/GitLab) rather than the generic MCP credentials pattern.
+
+**Rationale**: Gerrit requires a specialized connection card UI (auth method selector between HTTP credentials and gitcookies), dedicated credential validation against the Gerrit REST API, and custom runtime config file generation (`gerrit_config.json`). The generic MCP pattern (`map[string]string` fields) is too simple for this.
+
+**Alternatives considered**:
+- Generic MCP credentials (`POST /api/auth/mcp/:serverName/connect`): Simpler but no auth method selection UI, no dedicated validation, no typed fields.
+- Hybrid approach: Store via generic MCP but add custom validation. Adds complexity without benefit.
+
+### Platform Patterns to Follow
+
+**Backend (Go)**:
+- Credential struct: `GerritCredentials { UserID, URL, AuthMethod, Username, HTTPToken, GitcookiesContent, UpdatedAt }`
+- Secret name: `gerrit-credentials` with label `ambient-code.io/provider: gerrit`
+- Three core endpoints: `ConnectGerrit`, `GetGerritStatus`, `DisconnectGerrit`, plus `TestGerritConnection`
+- Session-scoped credential fetch: `GET /api/projects/:project/agentic-sessions/:session/credentials/gerrit`
+- Validation: Test request to Gerrit REST API `GET /a/accounts/self` with provided credentials
+- Conflict retry pattern: 3 retries on K8s optimistic locking conflicts
+
+**Frontend (React/TypeScript)**:
+- `GerritConnectionCard` component with auth method toggle (HTTP credentials vs gitcookies paste)
+- `use-gerrit.ts` React Query hooks (connect/disconnect mutations with query invalidation)
+- `gerrit-auth.ts` API client functions
+- Add to `IntegrationsClient.tsx` grid layout
+
+**Runner (Python)**:
+- Cannot use simple env var expansion like Jira — Gerrit MCP server requires a `gerrit_config.json` file
+- Runtime flow: fetch credentials from backend → generate `gerrit_config.json` → set `GERRIT_CONFIG_PATH` → launch MCP server
+- Add `fetch_gerrit_credentials()` to `auth.py`
+- Add Gerrit config generation to `mcp.py` or a new `gerrit.py` helper
+- Add `check_mcp_authentication()` case for Gerrit server
+- Register in `.mcp.json` with custom command pointing to bundled Gerrit MCP server
+
+**Integrations Status**:
+- Add `gerrit` field to unified status response in `integrations_status.go`
+- Add `gerrit` type to frontend `IntegrationsStatus` TypeScript type
+
+---
+
+## R3: Gerrit Credential Validation
+
+**Decision**: Validate by calling `GET /a/accounts/self` on the Gerrit REST API.
+
+**Rationale**: This is the lightest authenticated endpoint on Gerrit. It returns the authenticated user's account info. Works with both HTTP basic auth and gitcookies. Returns 401 on invalid credentials.
+
+**Alternatives considered**:
+- `GET /a/changes/?q=limit:1`: Heavier, may return results requiring parsing.
+- No validation: User experience suffers if invalid credentials are silently accepted.
+
+### Validation Details
+
+**HTTP Basic**: Standard HTTP Basic Auth header with `username:http_password`.
+
+**Gitcookies**: Parse the pasted content to extract the cookie for the target host, send as `Cookie` header. The gitcookies format is: `host\tFALSE\t/\tTRUE\t2147483647\to\tgit-user.cookies=value`.
+
+**Gerrit REST API note**: Gerrit prepends `)]}'` to JSON responses as an XSSI protection prefix. The validation must strip this before parsing.
+
+---
+
+## R4: Runner Bundling Strategy
+
+**Decision**: Clone and build the Gerrit MCP server into the runner Docker image at build time.
+
+**Rationale**: The Gerrit MCP server is not on PyPI, so it cannot be installed via `uvx` or `pip install`. Building at image build time ensures reproducible, hash-verified dependencies and avoids runtime network dependencies.
+
+**Alternatives considered**:
+- Runtime clone + build: Slow, unreliable, requires network access from runner pods.
+- Fork and publish to PyPI: Maintenance burden, diverges from upstream.
+- Vendoring source directly: Works but harder to update; Git clone with pinned tag is cleaner.
+
+### Bundling Approach
+
+In the runner Dockerfile:
+1. Clone `gerrit-mcp-server` at a pinned tag/commit
+2. Run `./build-gerrit.sh` to create venv with verified deps
+3. Copy built venv + source to final image
+4. Configure `.mcp.json` entry pointing to the bundled installation
+
+---
+
+## R5: Multi-Instance Support
+
+**Decision**: Store each Gerrit instance as a separate entry in the `gerrit-credentials` K8s secret, keyed by `instanceName:userID`.
+
+**Rationale**: Consistent with how the platform handles multi-value secrets. At runtime, the runner fetches all Gerrit credentials for the user and generates a single `gerrit_config.json` with multiple `gerrit_hosts` entries — leveraging the Gerrit MCP server's native multi-host support.
+
+**Alternatives considered**:
+- One secret per instance: More K8s objects to manage, harder to list all instances for a user.
+- Single credential only (no multi-instance): Limits users contributing to multiple Gerrit communities.
diff --git a/specs/001-gerrit-integration/spec.md b/specs/001-gerrit-integration/spec.md
new file mode 100644
index 000000000..7f8918abd
--- /dev/null
+++ b/specs/001-gerrit-integration/spec.md
@@ -0,0 +1,138 @@
+# Feature Specification: Gerrit Integration Connector
+
+**Feature Branch**: `001-gerrit-integration`
+**Created**: 2026-03-24
+**Status**: Draft
+**Input**: User description: "Add a Gerrit integration connector for AmbientCodePlatform, leveraging the existing open-source Gerrit MCP server from the Gerrit community (https://gerrit.googlesource.com/gerrit-mcp-server) to support communities like OpenStack that rely exclusively on Gerrit for code reviews."
+
+## Clarifications
+
+### Session 2026-03-24
+
+- Q: How should users provide their gitcookies credentials in the UI? → A: Paste gitcookies content into a text field (consistent with how other integrations accept tokens).
+- Q: Should Gerrit write operations be enabled by default or require opt-in? → A: All operations (read and write) enabled by default, consistent with GitHub/Jira/GitLab integrations.
+- Q: When multiple Gerrit instances are connected, should all be available in every session? → A: Yes, all connected instances are automatically available in every session.
+
+## User Scenarios & Testing *(mandatory)*
+
+### User Story 1 - Connect a Gerrit Instance (Priority: P1)
+
+A platform user navigates to the Integrations page and connects their Gerrit code review instance by providing their Gerrit server URL and authentication credentials. Once connected, the integration status shows as active and the user's agentic sessions can interact with Gerrit.
+
+**Why this priority**: Without a working connection, no Gerrit functionality is available. This is the foundation for all other Gerrit interactions.
+
+**Independent Test**: Can be fully tested by navigating to Integrations, filling in Gerrit credentials, and verifying the connection status indicator shows "connected." Delivers the value of establishing a verified link to a Gerrit instance.
+
+**Acceptance Scenarios**:
+
+1. **Given** a user is on the Integrations page, **When** they select an authentication method (HTTP credentials or gitcookies), enter a valid Gerrit server URL and the corresponding credentials, and click Connect, **Then** the system validates the credentials against the Gerrit instance and displays a "Connected" status.
+2. **Given** a user provides invalid Gerrit credentials, **When** they attempt to connect, **Then** the system displays a clear error message indicating the credentials are invalid.
+3. **Given** a user has a connected Gerrit integration, **When** they view the integrations status, **Then** Gerrit appears as an active integration with the server URL displayed.
+4. **Given** a user wants to disconnect Gerrit, **When** they click Disconnect, **Then** the integration is removed and future sessions no longer have Gerrit access.
+
+---
+
+### User Story 2 - Use Gerrit Tools in Agentic Sessions (Priority: P1)
+
+A platform user with a connected Gerrit integration creates an agentic session. The session automatically has access to Gerrit MCP tools, allowing the AI agent to query changes, review code, post comments, and manage code reviews on the user's behalf.
+
+**Why this priority**: This is the core value proposition - enabling AI-assisted code review workflows on Gerrit. Without this, the integration has no practical use.
+
+**Independent Test**: Can be tested by creating a session after connecting Gerrit, then asking the agent to query open changes or retrieve a specific change's details. Delivers the value of AI-powered Gerrit interaction.
+
+**Acceptance Scenarios**:
+
+1. **Given** a user has connected Gerrit credentials, **When** they start a new agentic session, **Then** the Gerrit MCP tools are available to the AI agent within that session.
+2. **Given** an active session with Gerrit tools, **When** the agent is asked to list open changes for a project, **Then** the agent uses the Gerrit query tool and returns results from the connected Gerrit instance.
+3. **Given** an active session with Gerrit tools, **When** the agent is asked to review a specific change, **Then** the agent can retrieve the change details, view file diffs, and read existing comments.
+4. **Given** a user has NOT connected Gerrit, **When** they start a session, **Then** Gerrit tools are not available and the agent does not attempt Gerrit operations.
+
+---
+
+### User Story 3 - View Gerrit Integration Status Per Session (Priority: P2)
+
+A platform user viewing an active session can see whether the Gerrit integration is connected and available for that session. This gives visibility into which tools the agent has access to.
+
+**Why this priority**: Provides transparency and troubleshooting capability, but sessions still function without this visibility.
+
+**Independent Test**: Can be tested by viewing the session settings/integrations panel and confirming Gerrit status is accurately reflected. Delivers the value of integration transparency.
+
+**Acceptance Scenarios**:
+
+1. **Given** a user has connected Gerrit and starts a session, **When** they view the session's integrations panel, **Then** Gerrit shows as "Connected" with the server URL.
+2. **Given** a user has NOT connected Gerrit, **When** they view the session's integrations panel, **Then** Gerrit shows as "Not connected" with a link to the Integrations page.
+
+---
+
+### User Story 4 - Connect Multiple Gerrit Instances (Priority: P3)
+
+A platform user who contributes to multiple Gerrit-hosted projects (e.g., OpenStack on review.opendev.org and Android on android-review.googlesource.com) can connect multiple Gerrit instances and specify which one to use in their sessions.
+
+**Why this priority**: Valuable for power users contributing to multiple communities, but the majority of users will work with a single Gerrit instance.
+
+**Independent Test**: Can be tested by connecting two different Gerrit servers, starting a session, and directing the agent to query changes from each instance. Delivers the value of multi-community collaboration.
+
+**Acceptance Scenarios**:
+
+1. **Given** a user has connected two Gerrit instances, **When** they start a session, **Then** all connected instances are automatically available and the agent can interact with both without per-session selection.
+2. **Given** a user has multiple Gerrit instances, **When** they view the Integrations page, **Then** each instance is listed separately with its own status and disconnect option.
+
+---
+
+### Edge Cases
+
+- What happens when a user's Gerrit credentials expire or are revoked mid-session? The session should gracefully report that the Gerrit tools are unavailable and suggest re-authenticating.
+- What happens when the Gerrit server is unreachable? The agent should report connectivity issues without crashing the session.
+- What happens when a user connects a Gerrit instance that requires a specific authentication method not supported? The system should display a clear error about unsupported authentication.
+- How does the system handle Gerrit instances behind corporate firewalls or VPNs? The system should attempt connection and report clear timeout/unreachable errors.
+
+## Requirements *(mandatory)*
+
+### Functional Requirements
+
+- **FR-001**: System MUST allow users to connect a Gerrit instance by providing a server URL and authentication credentials from the Integrations page.
+- **FR-002**: System MUST support two authentication methods: (a) HTTP credentials (username and HTTP password/access token generated from the Gerrit instance), and (b) gitcookies content pasted into a text field, which is the authentication method used by many Gerrit-based communities including OpenStack.
+- **FR-003**: System MUST validate Gerrit credentials upon connection by making a test request to the Gerrit instance.
+- **FR-004**: System MUST store Gerrit credentials securely, scoped to the individual user, following the same credential isolation patterns used by existing integrations.
+- **FR-005**: System MUST expose Gerrit MCP tools to agentic sessions when the user has a connected Gerrit integration.
+- **FR-006**: System MUST provide Gerrit integration status on both the global Integrations page and per-session integrations panel.
+- **FR-007**: System MUST allow users to disconnect a Gerrit integration, removing stored credentials.
+- **FR-008**: System MUST support the Gerrit MCP server's full capabilities with both read and write operations enabled by default: querying changes, viewing change details and diffs, posting review comments, managing reviewers, and change lifecycle operations (abandon, WIP, ready for review).
+- **FR-009**: System MUST inject Gerrit credentials into the runner environment at session startup so the Gerrit MCP server can authenticate with the Gerrit instance.
+- **FR-010**: System MUST support connecting multiple Gerrit instances per user, each identified by a unique name or server URL.
+
+### Key Entities
+
+- **Gerrit Integration**: A user's connection to a Gerrit code review instance, comprising a server URL, authentication credentials, and connection status.
+- **Gerrit MCP Server**: The open-source MCP server from the Gerrit community that translates MCP tool calls into Gerrit REST API requests. Bundled as part of the platform's runner environment.
+- **Gerrit Credentials**: User-scoped authentication data stored securely and fetched at session runtime. Comprises either (a) server URL, username, and HTTP password/access token, or (b) server URL and gitcookies file content.
+
+## Success Criteria *(mandatory)*
+
+### Measurable Outcomes
+
+- **SC-001**: Users can connect a Gerrit instance and see a confirmed "Connected" status within 30 seconds of providing valid credentials.
+- **SC-002**: Agentic sessions with a connected Gerrit integration can successfully query changes, retrieve change details, and post review comments.
+- **SC-003**: The Gerrit integration follows the same user experience patterns as existing integrations (GitHub, Jira, GitLab), requiring no additional learning curve for users already familiar with the platform.
+- **SC-004**: Users can disconnect and reconnect Gerrit integrations without affecting other integrations or active sessions.
+- **SC-005**: 95% of Gerrit tool invocations in sessions complete successfully when credentials are valid and the Gerrit server is reachable.
+
+## Assumptions
+
+- The open-source Gerrit MCP server from `gerrit.googlesource.com/gerrit-mcp-server` is suitable for bundling into the platform's runner environment.
+- Two authentication methods are supported: HTTP credentials (username + HTTP password/access token) and gitcookies file content. Both are widely used across Gerrit deployments.
+- The Gerrit MCP server will be run in STDIO mode within the runner pod, consistent with how other MCP servers (e.g., mcp-atlassian, google-workspace) are launched.
+- The platform's existing generic MCP server credential storage pattern (`mcp-server-credentials` secret with `serverName:userID` keying) can be extended to support Gerrit.
+- Users are responsible for obtaining their own credentials: either generating an HTTP password from their Gerrit instance's Settings page, or obtaining their gitcookies file content.
+
+## Dependencies
+
+- **Gerrit MCP Server**: The open-source project at `gerrit.googlesource.com/gerrit-mcp-server` must be compatible with the runner's Python environment.
+- **Existing Integration Framework**: This feature builds on the platform's existing MCP server integration patterns (backend credential storage, frontend connection cards, runner credential injection).
+
+## Out of Scope
+
+- OAuth or SSO-based authentication for Gerrit (only HTTP credentials and gitcookies are supported in v1).
+- Gerrit administrative operations (project creation, access control management, plugin management).
+- Hosting or proxying the Gerrit MCP server centrally - it runs within each session's runner pod.
+- Git push/fetch operations to Gerrit repositories (this integration covers the code review API, not Git transport).
diff --git a/specs/001-gerrit-integration/tasks.md b/specs/001-gerrit-integration/tasks.md
new file mode 100644
index 000000000..a7adad8ca
--- /dev/null
+++ b/specs/001-gerrit-integration/tasks.md
@@ -0,0 +1,218 @@
+# Tasks: Gerrit Integration Connector
+
+**Input**: Design documents from `/specs/001-gerrit-integration/`
+**Prerequisites**: plan.md (required), spec.md (required), research.md, data-model.md, contracts/
+
+**Tests**: Not explicitly requested in the feature specification. Test tasks are omitted.
+
+**Organization**: Tasks are grouped by user story to enable independent implementation and testing of each story.
+
+## Format: `[ID] [P?] [Story] Description`
+
+- **[P]**: Can run in parallel (different files, no dependencies)
+- **[Story]**: Which user story this task belongs to (e.g., US1, US2, US3)
+- Include exact file paths in descriptions
+
+## Path Conventions
+
+- **Backend**: `components/backend/`
+- **Frontend**: `components/frontend/src/`
+- **Runner**: `components/runners/ambient-runner/`
+
+---
+
+## Phase 1: Setup
+
+**Purpose**: Bundle the Gerrit MCP server into the runner image and establish the foundation for integration work.
+
+- [x] T001 Add Gerrit MCP server clone and build steps to runner Dockerfile at `components/runners/ambient-runner/Dockerfile` — clone `https://gerrit.googlesource.com/gerrit-mcp-server` at pinned commit `5666642afe1a5217e2529225d4bd9c9df6310bd6` (2026-03-23, master), run `./build-gerrit.sh`, copy built venv + source to final image under `/opt/gerrit-mcp-server/`
+
+---
+
+## Phase 2: Foundational (Blocking Prerequisites)
+
+**Purpose**: Backend credential storage and validation — MUST be complete before frontend or runner work.
+
+**CRITICAL**: No user story work can begin until this phase is complete.
+
+- [x] T002 Create `ValidateGerritToken()` function in `components/backend/handlers/integration_validation.go` — accepts URL, authMethod, username, httpToken, gitcookiesContent; makes `GET /a/accounts/self` request to the Gerrit instance using HTTP Basic Auth or gitcookies Cookie header; strips `)]}'` XSSI prefix from response; returns (bool, error) following the same pattern as `ValidateJiraToken()` and `ValidateGitLabToken()`
+- [x] T003 Create `components/backend/handlers/gerrit_auth.go` with GerritCredentials struct (UserID, InstanceName, URL, AuthMethod, Username, HTTPToken, GitcookiesContent, UpdatedAt), K8s Secret helpers (store/get/delete/list using `gerrit-credentials` secret with `{instanceName}:{userID}` key format and label `ambient-code.io/provider: gerrit`), and five HTTP handlers: `ConnectGerrit` (POST, validates via `ValidateGerritToken` then stores), `TestGerritConnection` (POST, validates without storing), `GetGerritStatus` (GET with `:instanceName` param), `DisconnectGerrit` (DELETE with `:instanceName` param), `ListGerritInstances` (GET, returns all instances for user) — follow `jira_auth.go` patterns for K8s client usage, conflict retry, and error handling
+- [x] T004 Add session-scoped Gerrit credential fetch handler `GetGerritCredentialsForSession` in `components/backend/handlers/runtime_credentials.go` — follows the same RBAC pattern as existing session credential endpoints; fetches ALL Gerrit instances for the effective user and returns them as a JSON array of instances with fields: instanceName, url, authMethod, username, httpToken, gitcookiesContent
+- [x] T005 Add Gerrit status to unified integrations status in `components/backend/handlers/integrations_status.go` — add `getGerritStatusForUser()` helper that lists all Gerrit instances for the user; include `gerrit` field in the response object with an `instances` array of `{connected, instanceName, url, authMethod, updatedAt}`
+- [x] T006 Register all Gerrit routes in `components/backend/routes.go` — cluster-level: `POST /api/auth/gerrit/connect`, `POST /api/auth/gerrit/test`, `GET /api/auth/gerrit/instances`, `GET /api/auth/gerrit/:instanceName/status`, `DELETE /api/auth/gerrit/:instanceName/disconnect`; session-scoped: `GET /api/projects/:projectName/agentic-sessions/:sessionName/credentials/gerrit`
+
+**Checkpoint**: Backend API is complete — Gerrit credentials can be stored, validated, listed, and fetched via session endpoints.
+
+---
+
+## Phase 3: User Story 1 — Connect a Gerrit Instance (Priority: P1) MVP
+
+**Goal**: Users can connect and disconnect Gerrit instances from the Integrations page with credential validation.
+
+**Independent Test**: Navigate to Integrations page, enter Gerrit credentials (HTTP basic or gitcookies), click Connect, verify "Connected" status appears. Disconnect and verify status clears.
+
+### Implementation for User Story 1
+
+- [x] T007 [P] [US1] Create API client functions in `components/frontend/src/services/api/gerrit-auth.ts` — export `connectGerrit(data: GerritConnectRequest)`, `testGerritConnection(data: GerritConnectRequest)`, `getGerritInstances()`, `getGerritInstanceStatus(instanceName: string)`, `disconnectGerrit(instanceName: string)` using the existing `apiClient` pattern from `jira-auth.ts`
+- [x] T008 [P] [US1] Add Gerrit types to `components/frontend/src/services/api/integrations.ts` — add `GerritAuthMethod`, `GerritInstanceStatus`, and `gerrit: { instances: GerritInstanceStatus[] }` field to the existing `IntegrationsStatus` type
+- [x] T009 [US1] Create React Query hooks in `components/frontend/src/services/queries/use-gerrit.ts` — export `useConnectGerrit()`, `useDisconnectGerrit()`, `useTestGerritConnection()` mutations with query invalidation on `['integrations', 'status']` and `['gerrit', 'instances']` keys; export `useGerritInstances()` query hook — follow `use-jira.ts` patterns
+- [x] T010 [US1] Create `components/frontend/src/components/gerrit-connection-card.tsx` — GerritConnectionCard component with: auth method toggle (radio/select: "HTTP Credentials" vs "Gitcookies"), conditional form fields (URL + username + HTTP token for http_basic; URL + gitcookies textarea for git_cookies), instance name input field, Connect/Test/Disconnect buttons, connection status indicator with server URL display, error/success toast messages — follow `jira-connection-card.tsx` layout and state patterns
+- [x] T011 [US1] Add GerritConnectionCard to integrations page grid in `components/frontend/src/app/integrations/IntegrationsClient.tsx` — import and render `<GerritConnectionCard>` in the grid layout alongside existing cards, passing `status={integrations?.gerrit}` and `onRefresh={refetch}` props
+
+**Checkpoint**: User Story 1 complete — users can connect/disconnect Gerrit instances via the UI with real-time validation and status display.
+
+---
+
+## Phase 4: User Story 2 — Use Gerrit Tools in Agentic Sessions (Priority: P1)
+
+**Goal**: Sessions automatically have access to Gerrit MCP tools when the user has connected credentials.
+
+**Independent Test**: Connect Gerrit credentials, create a session, ask the agent to "list my open changes on Gerrit" and verify it returns results.
+
+### Implementation for User Story 2
+
+- [x] T012 [P] [US2] Add Gerrit MCP server entry to `components/runners/ambient-runner/.mcp.json` — add `"gerrit"` server with `command` pointing to bundled Python venv (`/opt/gerrit-mcp-server/.venv/bin/python`), `args` set to `["/opt/gerrit-mcp-server/gerrit_mcp_server/main.py", "stdio"]`, and `env` block with `PYTHONPATH: "/opt/gerrit-mcp-server/"` and `GERRIT_CONFIG_PATH: "${GERRIT_CONFIG_PATH}"`
+- [x] T013 [P] [US2] Add `fetch_gerrit_credentials()` function to `components/runners/ambient-runner/ambient_runner/platform/auth.py` — call `_fetch_credential(context, "gerrit")` to get all Gerrit instances from the backend session credential endpoint; return the parsed instances list
+- [x] T014 [US2] Add Gerrit config generation to `components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py` — implement `generate_gerrit_config(instances)` that: (1) creates `/tmp/gerrit-mcp/` directory, (2) for each instance with `git_cookies` auth, writes gitcookies content to `/tmp/gerrit-mcp/.gitcookies` temp file, (3) builds `gerrit_config.json` with `gerrit_hosts` array mapping each instance to the Gerrit MCP server's native config format (name, external_url, authentication with type/username/auth_token or gitcookies_path), (4) writes config to `/tmp/gerrit-mcp/gerrit_config.json`, (5) sets `GERRIT_CONFIG_PATH` env var; call this from `build_mcp_servers()` before loading MCP config
+- [x] T015 [US2] Add Gerrit auth check to `check_mcp_authentication()` in `components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py` — add case for server name `"gerrit"`: check if `GERRIT_CONFIG_PATH` is set and the config file exists; if yes return `(True, "Gerrit credentials configured")`; if not, attempt backend API fallback (same pattern as Jira); return `(False, "Gerrit not configured")` if no credentials found. Note: mid-session credential expiry is handled gracefully by the Gerrit MCP server itself (returns auth errors to the agent), so no additional error handling is needed in the runner
+- [x] T016 [US2] Add Gerrit to `populate_runtime_credentials()` in `components/runners/ambient-runner/ambient_runner/platform/auth.py` — add `fetch_gerrit_credentials(context)` to the `asyncio.gather()` call; if instances are returned, call `generate_gerrit_config(instances)` to write the config file before MCP server startup
+- [x] T017 [US2] Add Gerrit credential clearing to `clear_runtime_credentials()` in `components/runners/ambient-runner/ambient_runner/platform/auth.py` — remove `GERRIT_CONFIG_PATH` env var and delete `/tmp/gerrit-mcp/` directory (config file + gitcookies) after turn completes
+
+**Checkpoint**: User Story 2 complete — sessions with connected Gerrit credentials can query changes, view diffs, and post comments via the 21 Gerrit MCP tools.
+
+---
+
+## Phase 5: User Story 3 — View Gerrit Integration Status Per Session (Priority: P2)
+
+**Goal**: Users can see Gerrit connection status in the per-session integrations panel.
+
+**Independent Test**: Open a session's settings/integrations panel, verify Gerrit shows "Connected" with URL (or "Not connected" with link to Integrations page).
+
+### Implementation for User Story 3
+
+- [x] T018 [US3] Add Gerrit status display to the session integrations panel in `components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/settings/integrations-panel.tsx` — add a Gerrit section that reads from the session's integration status; display "Connected" with instance URL(s) when Gerrit credentials exist, or "Not connected" with a link to `/integrations` when absent — follow the same display pattern used for Jira/GitLab in this panel
+
+**Checkpoint**: User Story 3 complete — session-level Gerrit status is visible.
+
+---
+
+## Phase 6: User Story 4 — Connect Multiple Gerrit Instances (Priority: P3)
+
+**Goal**: Users can connect multiple Gerrit instances and all are available in every session.
+
+**Independent Test**: Connect two different Gerrit servers (e.g., openstack + android), start a session, verify the agent can interact with both.
+
+### Implementation for User Story 4
+
+- [x] T019 [US4] Update `GerritConnectionCard` in `components/frontend/src/components/gerrit-connection-card.tsx` to display a list of connected instances with individual disconnect buttons, and an "Add Instance" button that shows the connection form — when multiple instances are connected, show each as a row with instance name, URL, auth method, and a disconnect action
+- [x] T020 [US4] Verify multi-instance `gerrit_config.json` generation in runner — ensure `generate_gerrit_config()` correctly maps multiple instances to multiple `gerrit_hosts` entries; the first instance's URL becomes `default_gerrit_base_url`; gitcookies from multiple instances are concatenated into a single `.gitcookies` file (one line per host)
+
+**Checkpoint**: User Story 4 complete — multiple Gerrit instances are manageable and all available in sessions.
+
+---
+
+## Phase 7: Polish & Cross-Cutting Concerns
+
+**Purpose**: Improvements that affect multiple user stories.
+
+- [x] T021 [P] Verify backend compiles cleanly: run `cd components/backend && gofmt -l . && go vet ./... && go build ./...`
+- [x] T022 [P] Verify frontend builds cleanly: run `cd components/frontend && npm run build` — ensure zero errors and zero warnings
+- [x] T023 [P] Verify runner installs cleanly: run `cd components/runners/ambient-runner && uv venv && uv pip install -e .`
+- [ ] T024 Run end-to-end manual validation per quickstart.md: connect Gerrit instance via UI, verify status, create session, query changes via agent, disconnect and verify cleanup
+
+---
+
+## Dependencies & Execution Order
+
+### Phase Dependencies
+
+- **Setup (Phase 1)**: No dependencies — can start immediately
+- **Foundational (Phase 2)**: Depends on Setup — BLOCKS all user stories
+- **User Stories (Phase 3+)**: All depend on Foundational phase completion
+  - US1 and US2 are both P1 but US2 depends on US1 (runner needs credentials connected via UI)
+  - US3 can proceed in parallel with US2 (different files)
+  - US4 extends US1 (multi-instance UI) and US2 (multi-instance config generation)
+- **Polish (Phase 7)**: Depends on all user stories being complete
+
+### User Story Dependencies
+
+- **User Story 1 (P1)**: Can start after Foundational (Phase 2) — no other story dependencies
+- **User Story 2 (P1)**: Can start after Foundational (Phase 2) — independent of US1 at code level but requires US1 for end-to-end testing
+- **User Story 3 (P2)**: Can start after Foundational (Phase 2) — independent of US1/US2
+- **User Story 4 (P3)**: Extends US1 (UI) and US2 (runner config) — start after both are complete
+
+### Within Each User Story
+
+- API client before React Query hooks before components (frontend)
+- Credential fetching before config generation (runner)
+- Core implementation before integration with existing pages
+
+### Parallel Opportunities
+
+- T002 (validation) can run in parallel with T001 (Dockerfile) — different components
+- T007 and T008 (frontend API + types) can run in parallel — different files
+- T012 (.mcp.json) can run in parallel with T013 (auth.py) — different files
+- T018 (US3 session panel) can run in parallel with T012-T017 (US2 runner work)
+- T021, T022, T023 (build verifications) can all run in parallel
+
+---
+
+## Parallel Example: User Story 1
+
+```bash
+# Launch API client and types in parallel:
+Task: "T007 [P] [US1] Create API client in gerrit-auth.ts"
+Task: "T008 [P] [US1] Add Gerrit types to integrations.ts"
+
+# Then sequentially:
+Task: "T009 [US1] Create React Query hooks in use-gerrit.ts"
+Task: "T010 [US1] Create GerritConnectionCard component"
+Task: "T011 [US1] Add card to IntegrationsClient.tsx grid"
+```
+
+## Parallel Example: User Story 2
+
+```bash
+# Launch MCP config and auth in parallel:
+Task: "T012 [P] [US2] Add Gerrit entry to .mcp.json"
+Task: "T013 [P] [US2] Add fetch_gerrit_credentials() to auth.py"
+
+# Then sequentially:
+Task: "T014 [US2] Add Gerrit config generation to mcp.py"
+Task: "T015 [US2] Add Gerrit auth check to mcp.py"
+Task: "T016 [US2] Add Gerrit to populate_runtime_credentials()"
+Task: "T017 [US2] Add Gerrit to clear_runtime_credentials()"
+```
+
+---
+
+## Implementation Strategy
+
+### MVP First (User Story 1 Only)
+
+1. Complete Phase 1: Setup (Dockerfile bundling)
+2. Complete Phase 2: Foundational (backend API)
+3. Complete Phase 3: User Story 1 (frontend connect/disconnect)
+4. **STOP and VALIDATE**: Test connecting a real Gerrit instance
+5. Deploy/demo if ready
+
+### Incremental Delivery
+
+1. Setup + Foundational -> Backend API ready
+2. Add User Story 1 -> Users can connect Gerrit (MVP!)
+3. Add User Story 2 -> Sessions can use Gerrit tools (core value!)
+4. Add User Story 3 -> Session-level status visibility
+5. Add User Story 4 -> Multi-instance support for power users
+6. Polish -> Build verification and manual E2E validation
+
+---
+
+## Notes
+
+- [P] tasks = different files, no dependencies
+- [Story] label maps task to specific user story for traceability
+- Each user story is independently completable and testable
+- Commit after each task or logical group
+- Stop at any checkpoint to validate story independently
+- The Gerrit MCP server is an external dependency — pin to a specific commit hash in the Dockerfile for reproducibility
+- Gerrit REST API responses have a `)]}'` XSSI prefix that must be stripped in validation code

From 457f64c91df71fc3964c588914e424f8012eb794 Mon Sep 17 00:00:00 2001
From: Sylvain Bauza <sbauza@free.fr>
Date: Thu, 26 Mar 2026 11:56:14 +0100
Subject: [PATCH 2/6] fix: address CodeRabbit review feedback

- Sort Gerrit instances by name for deterministic API responses
- Register missing /version route in backend
- Encode instanceName in frontend proxy routes to prevent path injection
- Clean up stale Gerrit config when instance list is empty
- Add debug logging to bare except blocks in MCP credential checks
- Update integrations-panel tests for 5th integration (Gerrit)
- Fix markdown heading spacing (MD022)
- Clarify K8s Secrets encryption-at-rest requires cluster config
- Align contract types with implementation (required fields)
- Fix instanceName char range in spec (2-63, not 1-63)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../backend/handlers/integrations_status.go       |  5 +++++
 components/backend/routes.go                      |  1 +
 .../gerrit/[instanceName]/disconnect/route.ts     |  3 ++-
 .../auth/gerrit/[instanceName]/status/route.ts    |  3 ++-
 .../__tests__/integrations-panel.test.tsx         | 10 +++++++---
 .../ambient_runner/bridges/claude/mcp.py          | 15 +++++++++------
 docs/internal/integrations/README.md              |  2 ++
 docs/internal/integrations/gerrit-integration.md  |  2 +-
 .../contracts/frontend-types.ts                   |  6 +++---
 specs/001-gerrit-integration/data-model.md        |  2 +-
 10 files changed, 33 insertions(+), 16 deletions(-)

diff --git a/components/backend/handlers/integrations_status.go b/components/backend/handlers/integrations_status.go
index f12558500..e78d373a3 100644
--- a/components/backend/handlers/integrations_status.go
+++ b/components/backend/handlers/integrations_status.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"log"
 	"net/http"
+	"sort"
 
 	"github.com/gin-gonic/gin"
 )
@@ -141,6 +142,10 @@ func getGerritStatusForUser(ctx context.Context, userID string) gin.H {
 		return gin.H{"instances": []gin.H{}}
 	}
 
+	sort.Slice(instances, func(i, j int) bool {
+		return instances[i].InstanceName < instances[j].InstanceName
+	})
+
 	result := make([]gin.H, 0, len(instances))
 	for _, creds := range instances {
 		result = append(result, gin.H{
diff --git a/components/backend/routes.go b/components/backend/routes.go
index 6b2daeb12..47b8bc501 100644
--- a/components/backend/routes.go
+++ b/components/backend/routes.go
@@ -12,6 +12,7 @@ func registerRoutes(r *gin.Engine) {
 	api := r.Group("/api")
 	{
 		// Public endpoints (no auth required)
+		api.GET("/version", handlers.GetVersion)
 		api.GET("/workflows/ootb", handlers.ListOOTBWorkflows)
 		// Global runner-types endpoint (no workspace overrides — for admin pages)
 		api.GET("/runner-types", handlers.GetRunnerTypesGlobal)
diff --git a/components/frontend/src/app/api/auth/gerrit/[instanceName]/disconnect/route.ts b/components/frontend/src/app/api/auth/gerrit/[instanceName]/disconnect/route.ts
index 687b643a5..5612c71e4 100644
--- a/components/frontend/src/app/api/auth/gerrit/[instanceName]/disconnect/route.ts
+++ b/components/frontend/src/app/api/auth/gerrit/[instanceName]/disconnect/route.ts
@@ -6,9 +6,10 @@ export async function DELETE(
   { params }: { params: Promise<{ instanceName: string }> }
 ) {
   const { instanceName } = await params
+  const safeInstanceName = encodeURIComponent(instanceName)
   const headers = await buildForwardHeadersAsync(request)
 
-  const resp = await fetch(`${BACKEND_URL}/auth/gerrit/${instanceName}/disconnect`, {
+  const resp = await fetch(`${BACKEND_URL}/auth/gerrit/${safeInstanceName}/disconnect`, {
     method: 'DELETE',
     headers,
   })
diff --git a/components/frontend/src/app/api/auth/gerrit/[instanceName]/status/route.ts b/components/frontend/src/app/api/auth/gerrit/[instanceName]/status/route.ts
index 9cf1ca129..d8a43dd39 100644
--- a/components/frontend/src/app/api/auth/gerrit/[instanceName]/status/route.ts
+++ b/components/frontend/src/app/api/auth/gerrit/[instanceName]/status/route.ts
@@ -6,9 +6,10 @@ export async function GET(
   { params }: { params: Promise<{ instanceName: string }> }
 ) {
   const { instanceName } = await params
+  const safeInstanceName = encodeURIComponent(instanceName)
   const headers = await buildForwardHeadersAsync(request)
 
-  const resp = await fetch(`${BACKEND_URL}/auth/gerrit/${instanceName}/status`, {
+  const resp = await fetch(`${BACKEND_URL}/auth/gerrit/${safeInstanceName}/status`, {
     method: 'GET',
     headers,
   })
diff --git a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/settings/__tests__/integrations-panel.test.tsx b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/settings/__tests__/integrations-panel.test.tsx
index 1b18e4798..dfeef05d9 100644
--- a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/settings/__tests__/integrations-panel.test.tsx
+++ b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/settings/__tests__/integrations-panel.test.tsx
@@ -7,6 +7,7 @@ type IntegrationsData = {
   gitlab: { connected: boolean };
   jira: { connected: boolean };
   google: { connected: boolean };
+  gerrit: { instances: Array<{ connected: boolean; instanceName: string }> };
 } | null;
 
 const mockUseIntegrationsStatus = vi.fn((): { data: IntegrationsData; isPending: boolean } => ({
@@ -36,13 +37,14 @@ describe('IntegrationsPanel', () => {
     expect(skeletons.length).toBeGreaterThan(0);
   });
 
-  it('renders integration cards (GitHub, GitLab, Google Workspace, Jira)', () => {
+  it('renders integration cards (GitHub, GitLab, Google Workspace, Jira, Gerrit)', () => {
     mockUseIntegrationsStatus.mockReturnValue({
       data: {
         github: { active: null },
         gitlab: { connected: false },
         jira: { connected: false },
         google: { connected: false },
+        gerrit: { instances: [] },
       },
       isPending: false,
     });
@@ -51,6 +53,7 @@ describe('IntegrationsPanel', () => {
     expect(screen.getByText('GitLab')).toBeDefined();
     expect(screen.getByText('Google Workspace')).toBeDefined();
     expect(screen.getByText('Jira')).toBeDefined();
+    expect(screen.getByText('Gerrit')).toBeDefined();
   });
 
   it('shows connected status for configured integrations', () => {
@@ -60,11 +63,12 @@ describe('IntegrationsPanel', () => {
         gitlab: { connected: true },
         jira: { connected: true },
         google: { connected: false },
+        gerrit: { instances: [] },
       },
       isPending: false,
     });
     render(<IntegrationsPanel />);
-    // 3 out of 4 configured: badge should show 3/4
-    expect(screen.getByText('3/4')).toBeDefined();
+    // 3 out of 5 configured: badge should show 3/5
+    expect(screen.getByText('3/5')).toBeDefined();
   });
 });
diff --git a/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py b/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py
index 14dd0717a..6daa32ff4 100644
--- a/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py
+++ b/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py
@@ -39,10 +39,13 @@ def generate_gerrit_config(instances: list[dict]) -> None:
 
     Sets GERRIT_CONFIG_PATH env var to point to the generated config.
     """
+    config_dir = Path("/tmp/gerrit-mcp")
+    if config_dir.exists():
+        import shutil
+        shutil.rmtree(config_dir)
     if not instances:
+        os.environ.pop("GERRIT_CONFIG_PATH", None)
         return
-
-    config_dir = Path("/tmp/gerrit-mcp")
     config_dir.mkdir(parents=True, exist_ok=True)
 
     gerrit_hosts = []
@@ -323,10 +326,10 @@ def check_mcp_authentication(server_name: str) -> tuple[bool | None, str | None]
                                 True,
                                 "Jira credentials available (not yet loaded in session)",
                             )
-                except Exception:
-                    pass
-        except Exception:
-            pass
+                except Exception as e:
+                    logger.debug(f"Jira credential probe failed: {e}")
+        except Exception as e:
+            logger.debug(f"Jira credential check setup failed: {e}")
 
         return False, "Jira not configured - connect on Integrations page"
 
diff --git a/docs/internal/integrations/README.md b/docs/internal/integrations/README.md
index 11f54476f..405d5b249 100644
--- a/docs/internal/integrations/README.md
+++ b/docs/internal/integrations/README.md
@@ -63,6 +63,7 @@ Documentation for integrating the Ambient Code Platform with external services.
 - **Instance URL** - Support for self-hosted
 
 ### Gerrit
+
 - **HTTP Basic** - Username + HTTP password
 - **Gitcookies** - Cookie-based authentication
 - **Multi-instance** - Connect multiple Gerrit servers
@@ -92,6 +93,7 @@ All integrations are configured per-project via:
 - [GitLab API Endpoints](../api/gitlab-endpoints.md) - API reference
 
 ### Gerrit
+
 - [Gerrit Integration](gerrit-integration.md) - Setup and usage guide
 
 ### Google Workspace
diff --git a/docs/internal/integrations/gerrit-integration.md b/docs/internal/integrations/gerrit-integration.md
index 5d92a0e3e..15aee75d5 100644
--- a/docs/internal/integrations/gerrit-integration.md
+++ b/docs/internal/integrations/gerrit-integration.md
@@ -207,7 +207,7 @@ Both instances will be available to the MCP server during AgenticSessions.
 
 - Credentials are stored in a Kubernetes Secret named `gerrit-credentials`
 - Each credential entry uses a compound key: `instanceName.userID`
-- Secrets are encrypted at rest (standard Kubernetes Secret encryption)
+- Stored in Kubernetes Secrets (encrypted at rest when cluster-level encryption is configured)
 - Credentials are never logged in plaintext
 - Credentials are not exposed in API responses after storage
 
diff --git a/specs/001-gerrit-integration/contracts/frontend-types.ts b/specs/001-gerrit-integration/contracts/frontend-types.ts
index bf74e6bf9..efefb9426 100644
--- a/specs/001-gerrit-integration/contracts/frontend-types.ts
+++ b/specs/001-gerrit-integration/contracts/frontend-types.ts
@@ -26,9 +26,9 @@ export interface GerritConnectResponse {
 export interface GerritInstanceStatus {
   connected: boolean
   instanceName: string
-  url?: string
-  authMethod?: GerritAuthMethod
-  updatedAt?: string
+  url: string
+  authMethod: GerritAuthMethod
+  updatedAt: string
 }
 
 export interface GerritTestResponse {
diff --git a/specs/001-gerrit-integration/data-model.md b/specs/001-gerrit-integration/data-model.md
index dae1f764b..9728fa50c 100644
--- a/specs/001-gerrit-integration/data-model.md
+++ b/specs/001-gerrit-integration/data-model.md
@@ -23,7 +23,7 @@ Represents a user's connection to a single Gerrit instance.
 
 **Validation rules**:
 - `url` must be a valid HTTPS URL (HTTP allowed for local development only)
-- `instanceName` must match `^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$` (lowercase, alphanumeric with hyphens, 1-63 chars)
+- `instanceName` must match `^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$` (lowercase, alphanumeric with hyphens, 2-63 chars)
 - When `authMethod` is `http_basic`: both `username` and `httpToken` must be non-empty
 - When `authMethod` is `git_cookies`: `gitcookiesContent` must be non-empty and contain at least one cookie line for the target host
 

From dc40ab7624ecf0a01a2c9f1535ca679a04d51f5f Mon Sep 17 00:00:00 2001
From: Sylvain Bauza <sbauza@free.fr>
Date: Thu, 26 Mar 2026 12:54:58 +0100
Subject: [PATCH 3/6] fix: address second round of CodeRabbit review feedback

- Fix Secret key separator in data-model spec: colon to dot (matches code)
- Add missing message field to GerritTestResponse contract
- Use discriminated union for GerritConnectRequest type safety

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../contracts/frontend-types.ts               | 23 ++++++++++++-------
 specs/001-gerrit-integration/data-model.md    |  6 ++---
 2 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/specs/001-gerrit-integration/contracts/frontend-types.ts b/specs/001-gerrit-integration/contracts/frontend-types.ts
index efefb9426..db456f0fb 100644
--- a/specs/001-gerrit-integration/contracts/frontend-types.ts
+++ b/specs/001-gerrit-integration/contracts/frontend-types.ts
@@ -7,14 +7,20 @@
 
 export type GerritAuthMethod = 'http_basic' | 'git_cookies'
 
-export interface GerritConnectRequest {
-  instanceName: string
-  url: string
-  authMethod: GerritAuthMethod
-  username?: string       // Required when authMethod is 'http_basic'
-  httpToken?: string      // Required when authMethod is 'http_basic'
-  gitcookiesContent?: string // Required when authMethod is 'git_cookies'
-}
+export type GerritConnectRequest =
+  | {
+      instanceName: string
+      url: string
+      authMethod: 'http_basic'
+      username: string
+      httpToken: string
+    }
+  | {
+      instanceName: string
+      url: string
+      authMethod: 'git_cookies'
+      gitcookiesContent: string
+    }
 
 export interface GerritConnectResponse {
   message: string
@@ -33,6 +39,7 @@ export interface GerritInstanceStatus {
 
 export interface GerritTestResponse {
   valid: boolean
+  message?: string
   error?: string
 }
 
diff --git a/specs/001-gerrit-integration/data-model.md b/specs/001-gerrit-integration/data-model.md
index 9728fa50c..39dd6cb65 100644
--- a/specs/001-gerrit-integration/data-model.md
+++ b/specs/001-gerrit-integration/data-model.md
@@ -48,12 +48,12 @@ Read-only projection used for status reporting. Not stored separately.
 | Secret name     | `gerrit-credentials`                         |
 | Namespace       | Platform namespace (same as other creds)     |
 | Labels          | `app: ambient-code`, `ambient-code.io/provider: gerrit` |
-| Data key format | `{instanceName}:{userID}`                    |
+| Data key format | `{instanceName}.{userID}`                    |
 | Data value      | JSON-marshaled `GerritCredentials`           |
 
 **Multi-instance**: A user with two Gerrit instances ("openstack" and "android") has two entries in the same secret:
-- Key: `openstack:user123` → Value: `{"userID":"user123","instanceName":"openstack","url":"https://review.opendev.org",...}`
-- Key: `android:user123` → Value: `{"userID":"user123","instanceName":"android","url":"https://android-review.googlesource.com",...}`
+- Key: `openstack.user123` → Value: `{"userID":"user123","instanceName":"openstack","url":"https://review.opendev.org",...}`
+- Key: `android.user123` → Value: `{"userID":"user123","instanceName":"android","url":"https://android-review.googlesource.com",...}`
 
 ## Runtime Configuration
 

From 28be47550836ed639067b2eda4fcdd1f8732b36a Mon Sep 17 00:00:00 2001
From: Sylvain Bauza <sbauza@free.fr>
Date: Fri, 27 Mar 2026 10:15:18 +0100
Subject: [PATCH 4/6] style: fix gofmt formatting in Gerrit auth files

- Remove trailing newline in gerrit_auth.go
- Fix comment alignment in gerrit_auth_test.go

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 components/backend/handlers/gerrit_auth.go      | 1 -
 components/backend/handlers/gerrit_auth_test.go | 6 +++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/components/backend/handlers/gerrit_auth.go b/components/backend/handlers/gerrit_auth.go
index 6874917e9..fa19d4a9e 100644
--- a/components/backend/handlers/gerrit_auth.go
+++ b/components/backend/handlers/gerrit_auth.go
@@ -385,4 +385,3 @@ func deleteGerritCredentials(ctx context.Context, instanceName, userID string) e
 	}
 	return fmt.Errorf("failed to update Secret after retries")
 }
-
diff --git a/components/backend/handlers/gerrit_auth_test.go b/components/backend/handlers/gerrit_auth_test.go
index c91811ef7..ff5ea184e 100644
--- a/components/backend/handlers/gerrit_auth_test.go
+++ b/components/backend/handlers/gerrit_auth_test.go
@@ -176,9 +176,9 @@ var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_con
 
 		It("Should reject invalid instance names", func() {
 			invalidNames := []string{
-				"a",        // too short (single char)
-				"INVALID",  // uppercase
-				"my@name",  // special characters
+				"a",       // too short (single char)
+				"INVALID", // uppercase
+				"my@name", // special characters
 			}
 
 			for _, name := range invalidNames {

From 97e2e32368c0abed14a30bb3ee047881303c952c Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Fri, 27 Mar 2026 15:00:00 +0000
Subject: [PATCH 5/6] fix: add SSRF protection, mixed-auth rejection, and unit
 tests

- Add validateGerritURL with SSRF protection: enforce HTTPS, reject
  loopback/private/link-local/metadata IPs via DNS resolution
- Reject mixed auth credentials (e.g., gitcookiesContent with http_basic)
- Make ValidateGerritToken mockable via function variable for tests
- Add gerrit_auth_test.go with comprehensive unit tests using stubbed
  validation (no live HTTP calls)
- Fix secret key separator from colon to dot for K8s compatibility
- Add scalability comment about shared Secret design
- Add SSRF protection to TestGerritConnection handler

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 components/backend/handlers/gerrit_auth.go    |  65 +++-
 .../backend/handlers/gerrit_auth_test.go      | 348 ++++++++++--------
 .../handlers/integration_validation.go        |   8 +-
 components/backend/tests/constants/labels.go  |   1 +
 4 files changed, 261 insertions(+), 161 deletions(-)

diff --git a/components/backend/handlers/gerrit_auth.go b/components/backend/handlers/gerrit_auth.go
index fa19d4a9e..bd5bfb71d 100644
--- a/components/backend/handlers/gerrit_auth.go
+++ b/components/backend/handlers/gerrit_auth.go
@@ -5,7 +5,9 @@ import (
 	"encoding/json"
 	"fmt"
 	"log"
+	"net"
 	"net/http"
+	"net/url"
 	"regexp"
 	"strings"
 	"time"
@@ -28,15 +30,60 @@ type GerritCredentials struct {
 	UpdatedAt         time.Time `json:"updatedAt"`
 }
 
+// gerritSecretName is a shared Secret for all Gerrit credentials.
+// NOTE: This uses a single Secret for all users, which may cause contention
+// at scale. If the number of users grows significantly, consider sharding
+// into per-user Secrets (e.g., "gerrit-credentials-{userID}") and using
+// label selectors for listing.
 const gerritSecretName = "gerrit-credentials"
 
 var validInstanceNameRegex = regexp.MustCompile(`^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$`)
 
+// validateGerritTokenFn is the function used to validate Gerrit credentials.
+// It is a variable so tests can replace it with a stub.
+var validateGerritTokenFn = ValidateGerritToken
+
 // gerritSecretKey returns the K8s secret data key for a Gerrit instance
 func gerritSecretKey(instanceName, userID string) string {
 	return instanceName + "." + userID
 }
 
+// validateGerritURL validates a Gerrit URL for SSRF protection.
+// It ensures the scheme is HTTPS and the host does not resolve to
+// loopback, private, link-local, or metadata-service addresses.
+func validateGerritURL(rawURL string) error {
+	parsed, err := url.Parse(rawURL)
+	if err != nil {
+		return fmt.Errorf("invalid URL: %w", err)
+	}
+	if parsed.Scheme != "https" {
+		return fmt.Errorf("URL must use HTTPS scheme")
+	}
+	host := parsed.Hostname()
+	if host == "" {
+		return fmt.Errorf("URL must include a hostname")
+	}
+
+	ips, err := net.LookupHost(host)
+	if err != nil {
+		return fmt.Errorf("cannot resolve host %q: %w", host, err)
+	}
+	for _, ipStr := range ips {
+		ip := net.ParseIP(ipStr)
+		if ip == nil {
+			continue
+		}
+		if ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() {
+			return fmt.Errorf("URL must not resolve to a private or loopback address")
+		}
+		// Block cloud metadata endpoints (169.254.169.254)
+		if ip.Equal(net.ParseIP("169.254.169.254")) {
+			return fmt.Errorf("URL must not resolve to a metadata service address")
+		}
+	}
+	return nil
+}
+
 // ConnectGerrit handles POST /api/auth/gerrit/connect
 // Validates and stores Gerrit credentials for a user instance
 func ConnectGerrit(c *gin.Context) {
@@ -76,25 +123,39 @@ func ConnectGerrit(c *gin.Context) {
 		return
 	}
 
-	// Validate auth method and required fields
+	// Validate URL (SSRF protection)
+	if err := validateGerritURL(req.URL); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("Invalid Gerrit URL: %s", err.Error())})
+		return
+	}
+
+	// Validate auth method, required fields, and reject mixed credentials
 	switch req.AuthMethod {
 	case "http_basic":
 		if req.Username == "" || req.HTTPToken == "" {
 			c.JSON(http.StatusBadRequest, gin.H{"error": "Username and HTTP token are required for HTTP basic auth"})
 			return
 		}
+		if req.GitcookiesContent != "" {
+			c.JSON(http.StatusBadRequest, gin.H{"error": "gitcookiesContent must not be provided with http_basic auth"})
+			return
+		}
 	case "git_cookies":
 		if req.GitcookiesContent == "" {
 			c.JSON(http.StatusBadRequest, gin.H{"error": "Gitcookies content is required for git_cookies auth"})
 			return
 		}
+		if req.Username != "" || req.HTTPToken != "" {
+			c.JSON(http.StatusBadRequest, gin.H{"error": "username and httpToken must not be provided with git_cookies auth"})
+			return
+		}
 	default:
 		c.JSON(http.StatusBadRequest, gin.H{"error": "Auth method must be 'http_basic' or 'git_cookies'"})
 		return
 	}
 
 	// Validate credentials against the Gerrit instance
-	valid, err := ValidateGerritToken(c.Request.Context(), req.URL, req.AuthMethod, req.Username, req.HTTPToken, req.GitcookiesContent)
+	valid, err := validateGerritTokenFn(c.Request.Context(), req.URL, req.AuthMethod, req.Username, req.HTTPToken, req.GitcookiesContent)
 	if err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("Validation failed: %s", err.Error())})
 		return
diff --git a/components/backend/handlers/gerrit_auth_test.go b/components/backend/handlers/gerrit_auth_test.go
index ff5ea184e..b8c1cd496 100644
--- a/components/backend/handlers/gerrit_auth_test.go
+++ b/components/backend/handlers/gerrit_auth_test.go
@@ -6,6 +6,7 @@ import (
 	"ambient-code-backend/tests/config"
 	test_constants "ambient-code-backend/tests/constants"
 	"context"
+	"fmt"
 	"net/http"
 
 	"ambient-code-backend/tests/logger"
@@ -19,29 +20,32 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
-var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_constants.LabelHandlers, "gerrit-auth"), func() {
+var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_constants.LabelHandlers, test_constants.LabelGerritAuth), func() {
 	var (
-		httpUtils         *test_utils.HTTPTestUtils
-		k8sUtils          *test_utils.K8sTestUtils
-		originalNamespace string
-		testToken         string
+		httpUtils                   *test_utils.HTTPTestUtils
+		k8sUtils                    *test_utils.K8sTestUtils
+		originalNamespace           string
+		originalValidateGerritToken func(context.Context, string, string, string, string, string) (bool, error)
+		testToken                   string
 	)
 
 	BeforeEach(func() {
 		logger.Log("Setting up Gerrit Auth Handler test")
 
 		originalNamespace = Namespace
+		originalValidateGerritToken = validateGerritTokenFn
+		// Stub out credential validation to avoid live HTTP calls
+		validateGerritTokenFn = func(_ context.Context, _, _, _, _, _ string) (bool, error) {
+			return true, nil
+		}
 
-		// Use centralized handler dependencies setup
 		k8sUtils = test_utils.NewK8sTestUtils(false, *config.TestNamespace)
 		SetupHandlerDependencies(k8sUtils)
 
-		// gerrit_auth.go uses Namespace (backend namespace) for secret operations
 		Namespace = *config.TestNamespace
 
 		httpUtils = test_utils.NewHTTPTestUtils()
 
-		// Create namespace + role and mint a valid test token for this suite
 		ctx := context.Background()
 		_, err := k8sUtils.K8sClient.CoreV1().Namespaces().Create(ctx, &corev1.Namespace{
 			ObjectMeta: metav1.ObjectMeta{Name: *config.TestNamespace},
@@ -66,26 +70,26 @@ var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_con
 
 	AfterEach(func() {
 		Namespace = originalNamespace
+		validateGerritTokenFn = originalValidateGerritToken
 
-		// Clean up created namespace (best-effort)
 		if k8sUtils != nil {
+			_ = k8sUtils.K8sClient.CoreV1().Secrets(*config.TestNamespace).Delete(context.Background(), gerritSecretName, metav1.DeleteOptions{})
 			_ = k8sUtils.K8sClient.CoreV1().Namespaces().Delete(context.Background(), *config.TestNamespace, metav1.DeleteOptions{})
 		}
 	})
 
 	Context("ConnectGerrit", func() {
-		It("Should require authentication", func() {
+		It("Should require authentication token", func() {
 			requestBody := map[string]interface{}{
-				"instanceName": "my-gerrit",
+				"instanceName": "openstack",
 				"url":          "https://review.opendev.org",
 				"authMethod":   "http_basic",
-				"username":     "testuser",
-				"httpToken":    "secret-token",
+				"username":     "john",
+				"httpToken":    "abc123",
 			}
 
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
 			// Don't set auth header
-			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
 			ConnectGerrit(context)
 
@@ -95,43 +99,64 @@ var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_con
 
 		It("Should require user authentication", func() {
 			requestBody := map[string]interface{}{
-				"instanceName": "my-gerrit",
+				"instanceName": "openstack",
 				"url":          "https://review.opendev.org",
 				"authMethod":   "http_basic",
-				"username":     "testuser",
-				"httpToken":    "secret-token",
+				"username":     "john",
+				"httpToken":    "abc123",
 			}
 
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
-			// Don't set user context
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
+			httpUtils.SetAuthHeader(testToken)
+			// Don't set user context - should reach the userID check
 
 			ConnectGerrit(context)
 
 			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
-			httpUtils.AssertJSONContains(map[string]interface{}{
-				"error": "Invalid or missing token",
-			})
+			httpUtils.AssertErrorMessage("User authentication required")
 		})
 
-		It("Should require valid JSON body", func() {
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", "invalid-json")
-			httpUtils.SetAuthHeader(testToken)
-			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+		It("Should reject invalid instance names", func() {
+			invalidNames := []string{
+				"A",            // too short and uppercase
+				"-bad",         // starts with hyphen
+				"UPPER",        // uppercase
+				"has spaces",   // spaces
+				"special!char", // special characters
+			}
 
-			ConnectGerrit(context)
+			for _, name := range invalidNames {
+				requestBody := map[string]interface{}{
+					"instanceName": name,
+					"url":          "https://review.opendev.org",
+					"authMethod":   "http_basic",
+					"username":     "john",
+					"httpToken":    "abc123",
+				}
 
-			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+				ctx := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
+				httpUtils.SetAuthHeader(testToken)
+				httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+				ConnectGerrit(ctx)
+
+				status := httpUtils.GetResponseRecorder().Code
+				Expect(status).To(Equal(http.StatusBadRequest), "Should reject invalid instance name: "+name)
+
+				httpUtils = test_utils.NewHTTPTestUtils()
+			}
 		})
 
-		It("Should require instanceName field", func() {
+		It("Should reject HTTP URLs (SSRF protection)", func() {
 			requestBody := map[string]interface{}{
-				"url":        "https://review.opendev.org",
-				"authMethod": "http_basic",
-				"username":   "testuser",
-				"httpToken":  "secret-token",
+				"instanceName": "test-instance",
+				"url":          "http://review.opendev.org",
+				"authMethod":   "http_basic",
+				"username":     "john",
+				"httpToken":    "abc123",
 			}
 
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
 			httpUtils.SetAuthHeader(testToken)
 			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
@@ -140,201 +165,170 @@ var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_con
 			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
 		})
 
-		It("Should require url field", func() {
+		It("Should reject mixed auth credentials for http_basic", func() {
 			requestBody := map[string]interface{}{
-				"instanceName": "my-gerrit",
-				"authMethod":   "http_basic",
-				"username":     "testuser",
-				"httpToken":    "secret-token",
+				"instanceName":      "openstack",
+				"url":               "https://review.opendev.org",
+				"authMethod":        "http_basic",
+				"username":          "john",
+				"httpToken":         "abc123",
+				"gitcookiesContent": "should-not-be-here",
 			}
 
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
 			httpUtils.SetAuthHeader(testToken)
 			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
 			ConnectGerrit(context)
 
 			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+			httpUtils.AssertErrorMessage("gitcookiesContent must not be provided with http_basic auth")
 		})
 
-		It("Should require authMethod field", func() {
+		It("Should reject mixed auth credentials for git_cookies", func() {
 			requestBody := map[string]interface{}{
-				"instanceName": "my-gerrit",
-				"url":          "https://review.opendev.org",
-				"username":     "testuser",
-				"httpToken":    "secret-token",
+				"instanceName":      "android",
+				"url":               "https://android-review.googlesource.com",
+				"authMethod":        "git_cookies",
+				"gitcookiesContent": ".googlesource.com\tTRUE\t/\tTRUE\t0\to\tgit-user.cookies=val",
+				"username":          "should-not-be-here",
 			}
 
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
 			httpUtils.SetAuthHeader(testToken)
 			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
 			ConnectGerrit(context)
 
 			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+			httpUtils.AssertErrorMessage("username and httpToken must not be provided with git_cookies auth")
 		})
 
-		It("Should reject invalid instance names", func() {
-			invalidNames := []string{
-				"a",       // too short (single char)
-				"INVALID", // uppercase
-				"my@name", // special characters
-			}
-
-			for _, name := range invalidNames {
-				requestBody := map[string]interface{}{
-					"instanceName": name,
-					"url":          "https://review.opendev.org",
-					"authMethod":   "http_basic",
-					"username":     "testuser",
-					"httpToken":    "secret-token",
-				}
-
-				context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
-				httpUtils.SetAuthHeader(testToken)
-				httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
-
-				ConnectGerrit(context)
-
-				httpUtils.AssertHTTPStatus(http.StatusBadRequest)
-				httpUtils.AssertErrorMessage("Instance name must be lowercase alphanumeric with hyphens (2-63 chars)")
-
-				// Reset for next test
-				httpUtils = test_utils.NewHTTPTestUtils()
-			}
-		})
-
-		It("Should accept valid instance names", func() {
-			validNames := []string{
-				"my-gerrit",
-				"openstack",
-				"review-01",
-				"a1",
+		It("Should require username and httpToken for http_basic", func() {
+			requestBody := map[string]interface{}{
+				"instanceName": "openstack",
+				"url":          "https://review.opendev.org",
+				"authMethod":   "http_basic",
+				"username":     "",
+				"httpToken":    "",
 			}
 
-			for _, name := range validNames {
-				requestBody := map[string]interface{}{
-					"instanceName": name,
-					"url":          "https://review.opendev.org",
-					"authMethod":   "http_basic",
-					"username":     "testuser",
-					"httpToken":    "secret-token",
-				}
-
-				context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
-				httpUtils.SetAuthHeader(testToken)
-				httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
-
-				ConnectGerrit(context)
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
-				// Should not fail at instance name validation stage
-				status := httpUtils.GetResponseRecorder().Code
-				Expect(status).NotTo(Equal(http.StatusBadRequest), "Should accept valid instance name: "+name)
+			ConnectGerrit(context)
 
-				// Reset for next test
-				httpUtils = test_utils.NewHTTPTestUtils()
-			}
+			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
+			httpUtils.AssertErrorMessage("Username and HTTP token are required for HTTP basic auth")
 		})
 
-		It("Should reject invalid auth method", func() {
+		It("Should require gitcookiesContent for git_cookies", func() {
 			requestBody := map[string]interface{}{
-				"instanceName": "my-gerrit",
-				"url":          "https://review.opendev.org",
-				"authMethod":   "oauth2",
-				"username":     "testuser",
-				"httpToken":    "secret-token",
+				"instanceName":      "android",
+				"url":               "https://android-review.googlesource.com",
+				"authMethod":        "git_cookies",
+				"gitcookiesContent": "",
 			}
 
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
 			httpUtils.SetAuthHeader(testToken)
 			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
 			ConnectGerrit(context)
 
 			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
-			httpUtils.AssertErrorMessage("Auth method must be 'http_basic' or 'git_cookies'")
+			httpUtils.AssertErrorMessage("Gitcookies content is required for git_cookies auth")
 		})
 
-		It("Should require username and httpToken for http_basic", func() {
-			// Missing both username and httpToken
+		It("Should reject unsupported auth method", func() {
 			requestBody := map[string]interface{}{
-				"instanceName": "my-gerrit",
+				"instanceName": "openstack",
 				"url":          "https://review.opendev.org",
-				"authMethod":   "http_basic",
+				"authMethod":   "oauth",
 			}
 
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
 			httpUtils.SetAuthHeader(testToken)
 			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
 			ConnectGerrit(context)
 
 			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
-			httpUtils.AssertErrorMessage("Username and HTTP token are required for HTTP basic auth")
+			httpUtils.AssertErrorMessage("Auth method must be 'http_basic' or 'git_cookies'")
 		})
 
-		It("Should require username for http_basic when only httpToken provided", func() {
+		It("Should accept valid http_basic credentials", func() {
 			requestBody := map[string]interface{}{
-				"instanceName": "my-gerrit",
+				"instanceName": "openstack",
 				"url":          "https://review.opendev.org",
 				"authMethod":   "http_basic",
-				"httpToken":    "secret-token",
+				"username":     "john",
+				"httpToken":    "abc123",
 			}
 
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
 			httpUtils.SetAuthHeader(testToken)
 			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
 			ConnectGerrit(context)
 
-			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
-			httpUtils.AssertErrorMessage("Username and HTTP token are required for HTTP basic auth")
+			status := httpUtils.GetResponseRecorder().Code
+			Expect(status).NotTo(Equal(http.StatusBadRequest), "Should accept valid http_basic credentials")
 		})
 
-		It("Should require httpToken for http_basic when only username provided", func() {
+		It("Should return 401 when credentials are invalid", func() {
+			validateGerritTokenFn = func(_ context.Context, _, _, _, _, _ string) (bool, error) {
+				return false, nil
+			}
+
 			requestBody := map[string]interface{}{
-				"instanceName": "my-gerrit",
+				"instanceName": "openstack",
 				"url":          "https://review.opendev.org",
 				"authMethod":   "http_basic",
-				"username":     "testuser",
+				"username":     "john",
+				"httpToken":    "wrong-token",
 			}
 
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
 			httpUtils.SetAuthHeader(testToken)
 			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
 			ConnectGerrit(context)
 
-			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
-			httpUtils.AssertErrorMessage("Username and HTTP token are required for HTTP basic auth")
+			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
+			httpUtils.AssertErrorMessage("Invalid Gerrit credentials")
 		})
 
-		It("Should require gitcookiesContent for git_cookies", func() {
+		It("Should return error when validation fails", func() {
+			validateGerritTokenFn = func(_ context.Context, _, _, _, _, _ string) (bool, error) {
+				return false, fmt.Errorf("connection timeout")
+			}
+
 			requestBody := map[string]interface{}{
-				"instanceName": "my-gerrit",
+				"instanceName": "openstack",
 				"url":          "https://review.opendev.org",
-				"authMethod":   "git_cookies",
+				"authMethod":   "http_basic",
+				"username":     "john",
+				"httpToken":    "abc123",
 			}
 
-			context := httpUtils.CreateTestGinContext("POST", "/auth/gerrit/connect", requestBody)
+			context := httpUtils.CreateTestGinContext("POST", "/api/auth/gerrit/connect", requestBody)
 			httpUtils.SetAuthHeader(testToken)
 			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
 			ConnectGerrit(context)
 
 			httpUtils.AssertHTTPStatus(http.StatusBadRequest)
-			httpUtils.AssertErrorMessage("Gitcookies content is required for git_cookies auth")
 		})
 	})
 
 	Context("GetGerritStatus", func() {
-		It("Should require authentication", func() {
-			context := httpUtils.CreateTestGinContext("GET", "/auth/gerrit/openstack/status", nil)
+		It("Should require authentication token", func() {
+			context := httpUtils.CreateTestGinContext("GET", "/api/auth/gerrit/openstack/status", nil)
 			context.Params = gin.Params{
 				gin.Param{Key: "instanceName", Value: "openstack"},
 			}
-			// Don't set auth header
-			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
 			GetGerritStatus(context)
 
@@ -343,29 +337,40 @@ var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_con
 		})
 
 		It("Should require user authentication", func() {
-			context := httpUtils.CreateTestGinContext("GET", "/auth/gerrit/openstack/status", nil)
+			context := httpUtils.CreateTestGinContext("GET", "/api/auth/gerrit/openstack/status", nil)
 			context.Params = gin.Params{
 				gin.Param{Key: "instanceName", Value: "openstack"},
 			}
+			httpUtils.SetAuthHeader(testToken)
 			// Don't set user context
 
 			GetGerritStatus(context)
 
 			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
-			httpUtils.AssertJSONContains(map[string]interface{}{
-				"error": "Invalid or missing token",
-			})
+			httpUtils.AssertErrorMessage("User authentication required")
+		})
+
+		It("Should return not connected when no credentials exist", func() {
+			context := httpUtils.CreateTestGinContext("GET", "/api/auth/gerrit/nonexistent/status", nil)
+			context.Params = gin.Params{
+				gin.Param{Key: "instanceName", Value: "nonexistent"},
+			}
+			httpUtils.SetAuthHeader(testToken)
+			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+
+			GetGerritStatus(context)
+
+			status := httpUtils.GetResponseRecorder().Code
+			Expect(status).To(BeElementOf(http.StatusOK, http.StatusNotFound))
 		})
 	})
 
 	Context("DisconnectGerrit", func() {
-		It("Should require authentication", func() {
-			context := httpUtils.CreateTestGinContext("DELETE", "/auth/gerrit/openstack/disconnect", nil)
+		It("Should require authentication token", func() {
+			context := httpUtils.CreateTestGinContext("DELETE", "/api/auth/gerrit/openstack/disconnect", nil)
 			context.Params = gin.Params{
 				gin.Param{Key: "instanceName", Value: "openstack"},
 			}
-			// Don't set auth header
-			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
 
 			DisconnectGerrit(context)
 
@@ -374,26 +379,23 @@ var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_con
 		})
 
 		It("Should require user authentication", func() {
-			context := httpUtils.CreateTestGinContext("DELETE", "/auth/gerrit/openstack/disconnect", nil)
+			context := httpUtils.CreateTestGinContext("DELETE", "/api/auth/gerrit/openstack/disconnect", nil)
 			context.Params = gin.Params{
 				gin.Param{Key: "instanceName", Value: "openstack"},
 			}
+			httpUtils.SetAuthHeader(testToken)
 			// Don't set user context
 
 			DisconnectGerrit(context)
 
 			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
-			httpUtils.AssertJSONContains(map[string]interface{}{
-				"error": "Invalid or missing token",
-			})
+			httpUtils.AssertErrorMessage("User authentication required")
 		})
 	})
 
 	Context("ListGerritInstances", func() {
-		It("Should require authentication", func() {
-			context := httpUtils.CreateTestGinContext("GET", "/auth/gerrit/instances", nil)
-			// Don't set auth header
-			httpUtils.SetUserContext("test-user", "Test User", "test@example.com")
+		It("Should require authentication token", func() {
+			context := httpUtils.CreateTestGinContext("GET", "/api/auth/gerrit/instances", nil)
 
 			ListGerritInstances(context)
 
@@ -402,15 +404,45 @@ var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_con
 		})
 
 		It("Should require user authentication", func() {
-			context := httpUtils.CreateTestGinContext("GET", "/auth/gerrit/instances", nil)
+			context := httpUtils.CreateTestGinContext("GET", "/api/auth/gerrit/instances", nil)
+			httpUtils.SetAuthHeader(testToken)
 			// Don't set user context
 
 			ListGerritInstances(context)
 
 			httpUtils.AssertHTTPStatus(http.StatusUnauthorized)
-			httpUtils.AssertJSONContains(map[string]interface{}{
-				"error": "Invalid or missing token",
-			})
+			httpUtils.AssertErrorMessage("User authentication required")
+		})
+	})
+
+	Context("Secret Key Format", func() {
+		It("Should use dot separator in secret key", func() {
+			key := gerritSecretKey("openstack", "user123")
+			Expect(key).To(Equal("openstack.user123"))
+		})
+
+		It("Should produce valid K8s secret data keys", func() {
+			key := gerritSecretKey("my-instance", "system-serviceaccount-ns-user")
+			Expect(key).To(MatchRegexp(`^[-._a-zA-Z0-9]+$`))
+		})
+	})
+
+	Context("URL Validation", func() {
+		It("Should reject HTTP URLs", func() {
+			err := validateGerritURL("http://review.opendev.org")
+			Expect(err).To(HaveOccurred())
+			Expect(err.Error()).To(ContainSubstring("HTTPS"))
+		})
+
+		It("Should reject URLs without hostname", func() {
+			err := validateGerritURL("https://")
+			Expect(err).To(HaveOccurred())
+		})
+
+		It("Should reject FTP URLs", func() {
+			err := validateGerritURL("ftp://review.opendev.org")
+			Expect(err).To(HaveOccurred())
+			Expect(err.Error()).To(ContainSubstring("HTTPS"))
 		})
 	})
 })
diff --git a/components/backend/handlers/integration_validation.go b/components/backend/handlers/integration_validation.go
index 28fdeba9c..22d64b176 100644
--- a/components/backend/handlers/integration_validation.go
+++ b/components/backend/handlers/integration_validation.go
@@ -245,7 +245,13 @@ func TestGerritConnection(c *gin.Context) {
 		return
 	}
 
-	valid, err := ValidateGerritToken(c.Request.Context(), req.URL, req.AuthMethod, req.Username, req.HTTPToken, req.GitcookiesContent)
+	// Validate URL (SSRF protection)
+	if err := validateGerritURL(req.URL); err != nil {
+		c.JSON(http.StatusOK, gin.H{"valid": false, "error": fmt.Sprintf("Invalid Gerrit URL: %s", err.Error())})
+		return
+	}
+
+	valid, err := validateGerritTokenFn(c.Request.Context(), req.URL, req.AuthMethod, req.Username, req.HTTPToken, req.GitcookiesContent)
 	if err != nil {
 		c.JSON(http.StatusOK, gin.H{"valid": false, "error": err.Error()})
 		return
diff --git a/components/backend/tests/constants/labels.go b/components/backend/tests/constants/labels.go
index bdc7a5d57..9521df28f 100644
--- a/components/backend/tests/constants/labels.go
+++ b/components/backend/tests/constants/labels.go
@@ -20,6 +20,7 @@ const (
 	LabelPermissions  = "permissions"
 	LabelProjects     = "projects"
 	LabelGitHubAuth   = "github-auth"
+	LabelGerritAuth   = "gerrit-auth"
 	LabelGitLabAuth   = "gitlab-auth"
 	LabelSessions     = "sessions"
 	LabelContent      = "content"

From 871a6ee6cb9fa3fbfcb2dc02462bc01486b79835 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Fri, 27 Mar 2026 15:48:00 +0000
Subject: [PATCH 6/6] fix: refactor to per-user secrets, clean up stale config,
 sort instances

- Refactor from single shared gerrit-credentials Secret to per-user
  Secrets (gerrit-credentials-{userID}) to eliminate cross-user
  contention, unbounded Secret growth, and suffix-filtering overhead
- Data key is now just instanceName (no compound key needed)
- Sort Gerrit instances by name in listGerritCredentials for
  deterministic API responses
- Clean up old /tmp/gerrit-mcp directory and unset GERRIT_CONFIG_PATH
  when instances list is empty (prevents stale credential reuse)
- Update docs and data-model spec to reflect per-user Secret design
- Update test file for per-user secret naming

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 components/backend/handlers/gerrit_auth.go    | 69 ++++++++++---------
 .../backend/handlers/gerrit_auth_test.go      | 18 ++---
 .../ambient_runner/bridges/claude/mcp.py      | 16 +++--
 .../integrations/gerrit-integration.md        |  4 +-
 specs/001-gerrit-integration/data-model.md    | 12 ++--
 5 files changed, 62 insertions(+), 57 deletions(-)

diff --git a/components/backend/handlers/gerrit_auth.go b/components/backend/handlers/gerrit_auth.go
index bd5bfb71d..94d5434f4 100644
--- a/components/backend/handlers/gerrit_auth.go
+++ b/components/backend/handlers/gerrit_auth.go
@@ -9,7 +9,7 @@ import (
 	"net/http"
 	"net/url"
 	"regexp"
-	"strings"
+	"sort"
 	"time"
 
 	"github.com/gin-gonic/gin"
@@ -30,12 +30,7 @@ type GerritCredentials struct {
 	UpdatedAt         time.Time `json:"updatedAt"`
 }
 
-// gerritSecretName is a shared Secret for all Gerrit credentials.
-// NOTE: This uses a single Secret for all users, which may cause contention
-// at scale. If the number of users grows significantly, consider sharding
-// into per-user Secrets (e.g., "gerrit-credentials-{userID}") and using
-// label selectors for listing.
-const gerritSecretName = "gerrit-credentials"
+const gerritSecretPrefix = "gerrit-credentials-"
 
 var validInstanceNameRegex = regexp.MustCompile(`^[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$`)
 
@@ -43,9 +38,11 @@ var validInstanceNameRegex = regexp.MustCompile(`^[a-z0-9][a-z0-9-]{0,61}[a-z0-9
 // It is a variable so tests can replace it with a stub.
 var validateGerritTokenFn = ValidateGerritToken
 
-// gerritSecretKey returns the K8s secret data key for a Gerrit instance
-func gerritSecretKey(instanceName, userID string) string {
-	return instanceName + "." + userID
+// gerritSecretName returns the per-user Secret name for Gerrit credentials.
+// Each user gets their own Secret to avoid cross-user contention and
+// unbounded Secret size growth.
+func gerritSecretName(userID string) string {
+	return gerritSecretPrefix + userID
 }
 
 // validateGerritURL validates a Gerrit URL for SSRF protection.
@@ -302,21 +299,21 @@ func ListGerritInstances(c *gin.Context) {
 	c.JSON(http.StatusOK, gin.H{"instances": result})
 }
 
-// storeGerritCredentials stores Gerrit credentials in cluster-level Secret
+// storeGerritCredentials stores Gerrit credentials in a per-user Secret
 func storeGerritCredentials(ctx context.Context, creds *GerritCredentials) error {
 	if creds == nil || creds.UserID == "" || creds.InstanceName == "" {
 		return fmt.Errorf("invalid credentials payload")
 	}
 
-	key := gerritSecretKey(creds.InstanceName, creds.UserID)
+	secretName := gerritSecretName(creds.UserID)
 
 	for i := 0; i < 3; i++ { // retry on conflict
-		secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, gerritSecretName, v1.GetOptions{})
+		secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, secretName, v1.GetOptions{})
 		if err != nil {
 			if errors.IsNotFound(err) {
 				secret = &corev1.Secret{
 					ObjectMeta: v1.ObjectMeta{
-						Name:      gerritSecretName,
+						Name:      secretName,
 						Namespace: Namespace,
 						Labels: map[string]string{
 							"app":                      "ambient-code",
@@ -329,7 +326,7 @@ func storeGerritCredentials(ctx context.Context, creds *GerritCredentials) error
 				if _, cerr := K8sClient.CoreV1().Secrets(Namespace).Create(ctx, secret, v1.CreateOptions{}); cerr != nil && !errors.IsAlreadyExists(cerr) {
 					return fmt.Errorf("failed to create Secret: %w", cerr)
 				}
-				secret, err = K8sClient.CoreV1().Secrets(Namespace).Get(ctx, gerritSecretName, v1.GetOptions{})
+				secret, err = K8sClient.CoreV1().Secrets(Namespace).Get(ctx, secretName, v1.GetOptions{})
 				if err != nil {
 					return fmt.Errorf("failed to fetch Secret after create: %w", err)
 				}
@@ -346,7 +343,7 @@ func storeGerritCredentials(ctx context.Context, creds *GerritCredentials) error
 		if err != nil {
 			return fmt.Errorf("failed to marshal credentials: %w", err)
 		}
-		secret.Data[key] = b
+		secret.Data[creds.InstanceName] = b
 
 		if _, uerr := K8sClient.CoreV1().Secrets(Namespace).Update(ctx, secret, v1.UpdateOptions{}); uerr != nil {
 			if errors.IsConflict(uerr) {
@@ -365,31 +362,34 @@ func getGerritCredentials(ctx context.Context, instanceName, userID string) (*Ge
 		return nil, fmt.Errorf("userID and instanceName are required")
 	}
 
-	secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, gerritSecretName, v1.GetOptions{})
+	secretName := gerritSecretName(userID)
+	secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, secretName, v1.GetOptions{})
 	if err != nil {
 		return nil, err
 	}
 
-	key := gerritSecretKey(instanceName, userID)
-	if secret.Data == nil || len(secret.Data[key]) == 0 {
+	if secret.Data == nil || len(secret.Data[instanceName]) == 0 {
 		return nil, nil
 	}
 
 	var creds GerritCredentials
-	if err := json.Unmarshal(secret.Data[key], &creds); err != nil {
+	if err := json.Unmarshal(secret.Data[instanceName], &creds); err != nil {
 		return nil, fmt.Errorf("failed to parse credentials: %w", err)
 	}
 
 	return &creds, nil
 }
 
-// listGerritCredentials returns all Gerrit instances for a user
+// listGerritCredentials returns all Gerrit instances for a user.
+// Each user has their own Secret, so all entries belong to the user.
+// Results are sorted by instance name for deterministic ordering.
 func listGerritCredentials(ctx context.Context, userID string) ([]*GerritCredentials, error) {
 	if userID == "" {
 		return nil, fmt.Errorf("userID is required")
 	}
 
-	secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, gerritSecretName, v1.GetOptions{})
+	secretName := gerritSecretName(userID)
+	secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, secretName, v1.GetOptions{})
 	if err != nil {
 		if errors.IsNotFound(err) {
 			return nil, nil
@@ -397,19 +397,20 @@ func listGerritCredentials(ctx context.Context, userID string) ([]*GerritCredent
 		return nil, err
 	}
 
-	suffix := "." + userID
 	var result []*GerritCredentials
 	for key, val := range secret.Data {
-		if strings.HasSuffix(key, suffix) {
-			var creds GerritCredentials
-			if err := json.Unmarshal(val, &creds); err != nil {
-				log.Printf("Failed to parse Gerrit credentials for key %s: %v", key, err)
-				continue
-			}
-			result = append(result, &creds)
+		var creds GerritCredentials
+		if err := json.Unmarshal(val, &creds); err != nil {
+			log.Printf("Failed to parse Gerrit credentials for key %s: %v", key, err)
+			continue
 		}
+		result = append(result, &creds)
 	}
 
+	sort.Slice(result, func(i, j int) bool {
+		return result[i].InstanceName < result[j].InstanceName
+	})
+
 	return result, nil
 }
 
@@ -419,10 +420,10 @@ func deleteGerritCredentials(ctx context.Context, instanceName, userID string) e
 		return fmt.Errorf("userID and instanceName are required")
 	}
 
-	key := gerritSecretKey(instanceName, userID)
+	secretName := gerritSecretName(userID)
 
 	for i := 0; i < 3; i++ { // retry on conflict
-		secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, gerritSecretName, v1.GetOptions{})
+		secret, err := K8sClient.CoreV1().Secrets(Namespace).Get(ctx, secretName, v1.GetOptions{})
 		if err != nil {
 			if errors.IsNotFound(err) {
 				return nil
@@ -430,11 +431,11 @@ func deleteGerritCredentials(ctx context.Context, instanceName, userID string) e
 			return fmt.Errorf("failed to get Secret: %w", err)
 		}
 
-		if secret.Data == nil || len(secret.Data[key]) == 0 {
+		if secret.Data == nil || len(secret.Data[instanceName]) == 0 {
 			return nil
 		}
 
-		delete(secret.Data, key)
+		delete(secret.Data, instanceName)
 
 		if _, uerr := K8sClient.CoreV1().Secrets(Namespace).Update(ctx, secret, v1.UpdateOptions{}); uerr != nil {
 			if errors.IsConflict(uerr) {
diff --git a/components/backend/handlers/gerrit_auth_test.go b/components/backend/handlers/gerrit_auth_test.go
index b8c1cd496..ea02c6dd0 100644
--- a/components/backend/handlers/gerrit_auth_test.go
+++ b/components/backend/handlers/gerrit_auth_test.go
@@ -73,7 +73,8 @@ var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_con
 		validateGerritTokenFn = originalValidateGerritToken
 
 		if k8sUtils != nil {
-			_ = k8sUtils.K8sClient.CoreV1().Secrets(*config.TestNamespace).Delete(context.Background(), gerritSecretName, metav1.DeleteOptions{})
+			// Clean up per-user secrets (best-effort)
+			_ = k8sUtils.K8sClient.CoreV1().Secrets(*config.TestNamespace).Delete(context.Background(), gerritSecretName("test-user"), metav1.DeleteOptions{})
 			_ = k8sUtils.K8sClient.CoreV1().Namespaces().Delete(context.Background(), *config.TestNamespace, metav1.DeleteOptions{})
 		}
 	})
@@ -415,15 +416,16 @@ var _ = Describe("Gerrit Auth Handler", Label(test_constants.LabelUnit, test_con
 		})
 	})
 
-	Context("Secret Key Format", func() {
-		It("Should use dot separator in secret key", func() {
-			key := gerritSecretKey("openstack", "user123")
-			Expect(key).To(Equal("openstack.user123"))
+	Context("Per-User Secret Naming", func() {
+		It("Should derive secret name from user ID", func() {
+			name := gerritSecretName("user123")
+			Expect(name).To(Equal("gerrit-credentials-user123"))
 		})
 
-		It("Should produce valid K8s secret data keys", func() {
-			key := gerritSecretKey("my-instance", "system-serviceaccount-ns-user")
-			Expect(key).To(MatchRegexp(`^[-._a-zA-Z0-9]+$`))
+		It("Should produce valid K8s Secret names", func() {
+			name := gerritSecretName("system-serviceaccount-ns-user")
+			Expect(name).To(HavePrefix("gerrit-credentials-"))
+			Expect(name).To(MatchRegexp(`^[a-z0-9][-a-z0-9.]*[a-z0-9]$`))
 		})
 	})
 
diff --git a/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py b/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py
index 6daa32ff4..6f773d2e5 100644
--- a/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py
+++ b/components/runners/ambient-runner/ambient_runner/bridges/claude/mcp.py
@@ -40,12 +40,17 @@ def generate_gerrit_config(instances: list[dict]) -> None:
     Sets GERRIT_CONFIG_PATH env var to point to the generated config.
     """
     config_dir = Path("/tmp/gerrit-mcp")
+
+    # Always clean up old config to prevent stale credentials
     if config_dir.exists():
         import shutil
+
         shutil.rmtree(config_dir)
+
     if not instances:
         os.environ.pop("GERRIT_CONFIG_PATH", None)
         return
+
     config_dir.mkdir(parents=True, exist_ok=True)
 
     gerrit_hosts = []
@@ -215,7 +220,6 @@ def log_auth_status(mcp_servers: dict) -> None:
 def _read_google_credentials(
     workspace_path: Path, secret_path: Path
 ) -> Dict[str, Any] | None:
-    """Read and parse Google OAuth credentials from workspace or secret path."""
     cred_path = workspace_path if workspace_path.exists() else secret_path
     if not cred_path.exists():
         return None
@@ -230,7 +234,6 @@ def _read_google_credentials(
 
 
 def _parse_token_expiry(expiry_str: str) -> datetime | None:
-    """Parse an ISO 8601 token expiry string into a timezone-aware datetime."""
     try:
         expiry_str = expiry_str.replace("Z", "+00:00")
         dt = datetime.fromisoformat(expiry_str)
@@ -245,7 +248,6 @@ def _parse_token_expiry(expiry_str: str) -> datetime | None:
 def _validate_google_token(
     user_creds: Dict[str, Any], user_email: str
 ) -> tuple[bool | None, str]:
-    """Validate Google OAuth token completeness and expiry status."""
     if not user_creds.get("access_token") or not user_creds.get("refresh_token"):
         return False, "Google OAuth credentials incomplete - missing or empty tokens"
 
@@ -326,10 +328,10 @@ def check_mcp_authentication(server_name: str) -> tuple[bool | None, str | None]
                                 True,
                                 "Jira credentials available (not yet loaded in session)",
                             )
-                except Exception as e:
-                    logger.debug(f"Jira credential probe failed: {e}")
-        except Exception as e:
-            logger.debug(f"Jira credential check setup failed: {e}")
+                except Exception:
+                    pass
+        except Exception:
+            pass
 
         return False, "Jira not configured - connect on Integrations page"
 
diff --git a/docs/internal/integrations/gerrit-integration.md b/docs/internal/integrations/gerrit-integration.md
index 15aee75d5..8b7460c66 100644
--- a/docs/internal/integrations/gerrit-integration.md
+++ b/docs/internal/integrations/gerrit-integration.md
@@ -205,8 +205,8 @@ Both instances will be available to the MCP server during AgenticSessions.
 
 ### Credential Storage
 
-- Credentials are stored in a Kubernetes Secret named `gerrit-credentials`
-- Each credential entry uses a compound key: `instanceName.userID`
+- Credentials are stored in per-user Kubernetes Secrets named `gerrit-credentials-{userID}`
+- Each credential entry is keyed by `instanceName` within the per-user Secret
 - Stored in Kubernetes Secrets (encrypted at rest when cluster-level encryption is configured)
 - Credentials are never logged in plaintext
 - Credentials are not exposed in API responses after storage
diff --git a/specs/001-gerrit-integration/data-model.md b/specs/001-gerrit-integration/data-model.md
index 39dd6cb65..a204f88d2 100644
--- a/specs/001-gerrit-integration/data-model.md
+++ b/specs/001-gerrit-integration/data-model.md
@@ -41,19 +41,19 @@ Read-only projection used for status reporting. Not stored separately.
 
 ## Storage
 
-### Kubernetes Secret: `gerrit-credentials`
+### Kubernetes Secret: `gerrit-credentials-{userID}` (per-user)
 
 | Aspect          | Value                                        |
 |-----------------|----------------------------------------------|
-| Secret name     | `gerrit-credentials`                         |
+| Secret name     | `gerrit-credentials-{userID}`                |
 | Namespace       | Platform namespace (same as other creds)     |
 | Labels          | `app: ambient-code`, `ambient-code.io/provider: gerrit` |
-| Data key format | `{instanceName}.{userID}`                    |
+| Data key format | `{instanceName}`                             |
 | Data value      | JSON-marshaled `GerritCredentials`           |
 
-**Multi-instance**: A user with two Gerrit instances ("openstack" and "android") has two entries in the same secret:
-- Key: `openstack.user123` → Value: `{"userID":"user123","instanceName":"openstack","url":"https://review.opendev.org",...}`
-- Key: `android.user123` → Value: `{"userID":"user123","instanceName":"android","url":"https://android-review.googlesource.com",...}`
+**Per-user sharding**: Each user gets their own Secret, avoiding cross-user contention and unbounded Secret growth. A user with two Gerrit instances ("openstack" and "android") has two entries in their Secret `gerrit-credentials-user123`:
+- Key: `openstack` → Value: `{"userID":"user123","instanceName":"openstack","url":"https://review.opendev.org",...}`
+- Key: `android` → Value: `{"userID":"user123","instanceName":"android","url":"https://android-review.googlesource.com",...}`
 
 ## Runtime Configuration