Google Git
Sign in
upspin/All-Projects/d3500ad24a16d2cb05abd56a2b813d8f2f1c9a26^!/.
commit
d3500ad24a16d2cb05abd56a2b813d8f2f1c9a26
[log]
author
Gerrit Code Review <server@googlesource.com>
Tue Apr 21 12:21:48 2026 -0700
committer
Gerrit Code Review <server@googlesource.com>
Tue Apr 21 12:21:48 2026 -0700
tree
b0c9b65af0abc2ff7fa74226c9c8994dfd9a2fbb
parent
6061a6349fcc0354b96fdd6e7cfc3348b7a3d43b [diff]
Update Gerrit permissions for global service users (built at http://cl/899219124)

Added permissions:
  Section [refs/heads/*]:
    Read:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
      ALLOW: autoupdate-onboarding-service-accounts
    Submit:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
    Push:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
  Section [GLOBAL_CAPABILITIES]:
    viewAllAccounts:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
      ALLOW: autoupdate-onboarding-service-accounts

diff --git a/groups b/groups
index 66d2dfc..8f5b92b 100644
--- a/groups
+++ b/groups

@@ -1,9 +1,12 @@
 # UUID                                  	Group Name
 #
+3febf0cd63cb416030cb2fb418699ef39fc74893	autoupdate-vigil-service-accounts
+4448949c17907ac9bb2d7f037e8550426ed3d088	autoupdate-service-accounts
 62778f7f1b4d2f168dc97a8840f509439d184be5	admins
 90f71e69b86d39ce0356bf9692d1fd8c972a8bd2	approvers
 bb6233ca816ebbd75fb021863f2525ba866318dc	SLSA Policy Verification Service Accounts
 d651a8840b2b5a967d0b04d4b0208969394c3010	nobody
+ed066c2364063ecc80bc10fcf22745bf11bda2e5	autoupdate-onboarding-service-accounts
 global:Anonymous-Users                  	Anonymous Users
 global:Project-Owners                   	Project Owners
 global:Registered-Users                 	Registered Users

diff --git a/project.config b/project.config
index cf83f69..f1c2085 100644
--- a/project.config
+++ b/project.config

@@ -26,16 +26,23 @@
 	label-Code-Review = -1..+1 group Registered Users
 	submit = group admins
 	submit = group approvers
+	submit = group autoupdate-service-accounts
+	submit = group autoupdate-vigil-service-accounts
 	editTopicName = group admins
 	editTopicName = group approvers
 	abandon = group Registered Users
 	abandon = group admins
 	abandon = group approvers
 	push = group admins
+	push = group autoupdate-service-accounts
+	push = group autoupdate-vigil-service-accounts
 	push = +force group nobody
 	delete = group nobody
 	label-SLSA-Policy-Verified = -1..+1 group SLSA Policy Verification Service Accounts
 	Read = group SLSA Policy Verification Service Accounts
+	Read = group autoupdate-onboarding-service-accounts
+	Read = group autoupdate-service-accounts
+	Read = group autoupdate-vigil-service-accounts
 [access "refs/meta/config"]
 	exclusiveGroupPermissions = read
 	read = group Project Owners
@@ -64,6 +71,9 @@
 	addPatchSet = group Registered Users
 [capability]
 	administrateServer = group admins
+	viewAllAccounts = group autoupdate-onboarding-service-accounts
+	viewAllAccounts = group autoupdate-service-accounts
+	viewAllAccounts = group autoupdate-vigil-service-accounts
 [notify "public"]
 	email = upspin-reviews@googlegroups.com
 	filter = -message:do-not-review