Google Git
Sign in
third-party-mirror/All-Projects/a3e46b54ef486718a3989e5ecffa05d7370b0bcc^!/.
commit
a3e46b54ef486718a3989e5ecffa05d7370b0bcc
[log]
author
Gerrit Code Review <server@googlesource.com>
Tue Apr 21 12:22:43 2026 -0700
committer
Gerrit Code Review <server@googlesource.com>
Tue Apr 21 12:22:43 2026 -0700
tree
50ca5a4e47cc878dc4aa66cdfbc97b1e63f3402a
parent
bf1dfebeebbba8f5c454e96040368e58f273d7bc [diff]
Update Gerrit permissions for global service users (built at http://cl/899219124)

Added permissions:
  Section [refs/heads/*]:
    Read:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
      ALLOW: autoupdate-onboarding-service-accounts
    Submit:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
    Push:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
  Section [GLOBAL_CAPABILITIES]:
    viewAllAccounts:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
      ALLOW: autoupdate-onboarding-service-accounts

diff --git a/groups b/groups
index b77ad9e..ec8d6aa 100644
--- a/groups
+++ b/groups

@@ -1,6 +1,9 @@
 # UUID                                  	Group Name
 #
+1063e17da83c13f208b85d19e74bb153329b5666	autoupdate-onboarding-service-accounts
 79be56805a57408ce621046029781feb7aabfe2b	SLSA Policy Verification Service Accounts
+8eeda9cfa5c497aff32a7b7257950abf34e364e6	autoupdate-service-accounts
+f7329362968cded9027250f4c89f5769f6e697f8	autoupdate-vigil-service-accounts
 global:Anonymous-Users                  	Anonymous Users
 global:Project-Owners                   	Project Owners
 global:Registered-Users                 	Registered Users

diff --git a/project.config b/project.config
index da1061a..05e5291 100644
--- a/project.config
+++ b/project.config

@@ -35,13 +35,20 @@
 	label-Code-Review = -2..+2 group mdb/third-party-mirror-owner
 	label-Code-Review = -1..+1 group Registered Users
 	push = group Project Owners
+	push = group autoupdate-service-accounts
+	push = group autoupdate-vigil-service-accounts
 	push = group mdb/opensource-compliance-team
 	push = group mdb/third-party-mirror-owner
 	submit = group Project Owners
+	submit = group autoupdate-service-accounts
+	submit = group autoupdate-vigil-service-accounts
 	submit = group mdb/opensource-compliance-team
 	submit = group mdb/third-party-mirror-owner
 	label-SLSA-Policy-Verified = -1..+1 group SLSA Policy Verification Service Accounts
 	Read = group SLSA Policy Verification Service Accounts
+	Read = group autoupdate-onboarding-service-accounts
+	Read = group autoupdate-service-accounts
+	Read = group autoupdate-vigil-service-accounts
 [access "refs/meta/config"]
 	exclusiveGroupPermissions = read
 	create = group Project Owners
@@ -84,4 +91,7 @@
 	administrateServer = group mdb/third-party-mirror-owner
 	createproject-selfServiceCreateProject = group mdb/eng-mirror
 	gerrit-google-manageUsersGet = group mdb/copybara-git-readers
+	viewAllAccounts = group autoupdate-onboarding-service-accounts
+	viewAllAccounts = group autoupdate-service-accounts
+	viewAllAccounts = group autoupdate-vigil-service-accounts
 	viewAllAccounts = group mdb/copybara-git-readers