Google Git
Sign in
bluetooth/All-Projects/cbe7ebdc40b4b743190a51e4424173c3c59d0af5^!/.
commit
cbe7ebdc40b4b743190a51e4424173c3c59d0af5
[log]
author
Gerrit Code Review <server@googlesource.com>
Tue Apr 21 12:22:56 2026 -0700
committer
Gerrit Code Review <server@googlesource.com>
Tue Apr 21 12:22:56 2026 -0700
tree
1d8d2dbd94bb9b3387894feeb4f55c50aad0b9aa
parent
86ae91760d048251118c0be8bd8b486274f3ddbd [diff]
Update Gerrit permissions for global service users (built at http://cl/899219124)

Added permissions:
  Section [refs/heads/*]:
    Read:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
      ALLOW: autoupdate-onboarding-service-accounts
    Submit:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
    Push:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
  Section [GLOBAL_CAPABILITIES]:
    viewAllAccounts:
      ALLOW: autoupdate-vigil-service-accounts
      ALLOW: autoupdate-service-accounts
      ALLOW: autoupdate-onboarding-service-accounts

diff --git a/groups b/groups
index 26a79ba..51eb026 100644
--- a/groups
+++ b/groups

@@ -1,12 +1,15 @@
 # UUID                                                        	Group Name
 #
+0bf5c4e5d3c059c22913806f066b5b45b0497fa8                      	autoupdate-onboarding-service-accounts
 38d5c4d7915364fa59272f36e9d33d4078046449                      	Tagging Hat
 3952e3693148885648a5c75269b4b340fed78b25                      	SLSA Policy Verification Service Accounts
+5d06ab61384824cef858ec3546488f56c2d637b8                      	autoupdate-service-accounts
 66326fee1502be50f366279038a41476658a69c1                      	Administrators
 863f2dbbc4f4bee592826bd5d5d111f4d71bc654                      	Toggle WIP
 8fba5c67cef14f54732887f0ed5275874f63b0c1                      	Nobody
 c3c8c8fb7ed0cdd572a8c96f36398cc04f40bad5                      	Google Tools
 cb61475143ce9ced506267034d8df3c364d68284                      	Gerrit Flows
+d90cb147765f40ff383b442d2c08c772b93765db                      	autoupdate-vigil-service-accounts
 f7db30a3f0ff326e3c86b9c76703f7a29d69e51c                      	Googlers
 global:Anonymous-Users                                        	Anonymous Users
 global:Project-Owners                                         	Project Owners

diff --git a/project.config b/project.config
index 9a7f398..1aa0ae9 100644
--- a/project.config
+++ b/project.config

@@ -35,12 +35,19 @@
 	label-Code-Review = -1..+1 group Registered Users
 	read = group Anonymous Users
 	read = group SLSA Policy Verification Service Accounts
+	read = group autoupdate-onboarding-service-accounts
+	read = group autoupdate-service-accounts
+	read = group autoupdate-vigil-service-accounts
 	revert = group Registered Users
 	submit = group Administrators
 	submit = group Googlers
 	submit = group Project Owners
+	submit = group autoupdate-service-accounts
+	submit = group autoupdate-vigil-service-accounts
 	labelAs-Code-Review = -2..+2 group Administrators
 	label-SLSA-Policy-Verified = -1..+1 group SLSA Policy Verification Service Accounts
+	Push = group autoupdate-service-accounts
+	Push = group autoupdate-vigil-service-accounts
 [access "refs/meta/config"]
 	exclusiveGroupPermissions = read
 	create = group Administrators
@@ -93,6 +100,9 @@
 	runAs = group Gerrit Flows
 	viewAllAccounts = group Gerrit Flows
 	viewAllAccounts = group Tagging Hat
+	viewAllAccounts = group autoupdate-onboarding-service-accounts
+	viewAllAccounts = group autoupdate-service-accounts
+	viewAllAccounts = group autoupdate-vigil-service-accounts
 [plugin "jwtservice"]
 	audience = https://api.cr.dev
 [submit-requirement "Code-Review"]