Google Git
Sign in
gdch-oss/All-Projects/bcab177a69efe79cb26b51d198142ee1d545e50a^!/.
commit
bcab177a69efe79cb26b51d198142ee1d545e50a
[log]
author
Gerrit Code Review <server@googlesource.com>
Tue Apr 21 12:22:43 2026 -0700
committer
Gerrit Code Review <server@googlesource.com>
Tue Apr 21 12:22:43 2026 -0700
tree
97baa4edb5b97867d8a9d8e97225964a41d5ee65
parent
ff87848665080ac1fc6588f095ebdb956f5ab76f [diff]
Update Gerrit permissions for global service users (built at http://cl/899219124)

Added permissions:
  Section [refs/heads/*]:
    Read:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
      ALLOW: autoupdate-onboarding-service-accounts
    Submit:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
    Push:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
  Section [GLOBAL_CAPABILITIES]:
    viewAllAccounts:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
      ALLOW: autoupdate-onboarding-service-accounts

diff --git a/groups b/groups
index 8896390..f17c438 100644
--- a/groups
+++ b/groups

@@ -1,7 +1,10 @@
 # UUID                                  	Group Name
 #
 04dfef6b8be8572406c6614755c6450f26b833d1	SLSA Policy Verification Service Accounts
+0fcdb2bed8a31f65955fa30a655705c297e43e34	autoupdate-service-accounts
 9725a09be9dd47e12b769ceed261bf0bbe642f0b	private-cloud Louhi Automation
+c364bf60d327729e7639a8e2fadd0d3a7f37a338	autoupdate-vigil-service-accounts
+da792106dceea4c386952f06675ce1124c53009c	autoupdate-onboarding-service-accounts
 global:Anonymous-Users                  	Anonymous Users
 global:Project-Owners                   	Project Owners
 global:Registered-Users                 	Registered Users

diff --git a/project.config b/project.config
index 19b8ed1..aba9a31 100644
--- a/project.config
+++ b/project.config

@@ -29,12 +29,19 @@
 	label-Code-Review = -2..+2 group mdb/private-cloud-gerrit-owners
 	label-Code-Review = -1..+1 group Registered Users
 	push = group Project Owners
+	push = group autoupdate-service-accounts
+	push = group autoupdate-vigil-service-accounts
 	push = group mdb/private-cloud-gerrit-owners
 	push = group private-cloud Louhi Automation
 	read = group Anonymous Users
 	read = group SLSA Policy Verification Service Accounts
+	read = group autoupdate-onboarding-service-accounts
+	read = group autoupdate-service-accounts
+	read = group autoupdate-vigil-service-accounts
 	revert = group Registered Users
 	submit = group Project Owners
+	submit = group autoupdate-service-accounts
+	submit = group autoupdate-vigil-service-accounts
 	submit = group mdb/private-cloud-gerrit-owners
 	pushMerge = group private-cloud Louhi Automation
 	forgeServerAsCommitter = group private-cloud Louhi Automation
@@ -78,3 +85,6 @@
 	copyCondition = changekind:NO_CHANGE OR changekind:TRIVIAL_REBASE OR is:MIN
 [capability]
 	administrateServer = group mdb/private-cloud-gerrit-owners
+	viewAllAccounts = group autoupdate-onboarding-service-accounts
+	viewAllAccounts = group autoupdate-service-accounts
+	viewAllAccounts = group autoupdate-vigil-service-accounts