aboutsummaryrefslogtreecommitdiff
path: root/files/infra/config/realms.cfg
blob: ae04529efab637594f7ba9b6fb9a4e47fc624fba (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

# Auto-generated by lucicfg.
# Do not modify manually.
#
# For the schema of this file, see RealmsCfg message:
#   https://luci-config.appspot.com/schemas/projects:realms.cfg

realms {
  name: "@root"
  bindings {
    role: "role/buildbucket.owner"
    principals: "group:project-libyuv-admins"
  }
  bindings {
    role: "role/buildbucket.reader"
    principals: "group:all"
  }
  bindings {
    role: "role/configs.reader"
    principals: "group:all"
  }
  bindings {
    role: "role/configs.validator"
    principals: "user:libyuv-try-builder@chops-service-accounts.iam.gserviceaccount.com"
  }
  bindings {
    role: "role/logdog.reader"
    principals: "group:all"
  }
  bindings {
    role: "role/logdog.writer"
    principals: "group:luci-logdog-chromium-writers"
  }
  bindings {
    role: "role/scheduler.owner"
    principals: "group:project-libyuv-admins"
  }
  bindings {
    role: "role/scheduler.reader"
    principals: "group:all"
  }
}
realms {
  name: "ci"
  bindings {
    role: "role/buildbucket.builderServiceAccount"
    principals: "user:libyuv-ci-builder@chops-service-accounts.iam.gserviceaccount.com"
  }
  bindings {
    role: "role/scheduler.triggerer"
    principals: "user:libyuv-ci-builder@chops-service-accounts.iam.gserviceaccount.com"
    conditions {
      restrict {
        attribute: "scheduler.job.name"
        values: "Android Tester ARM32 Debug (Nexus 5X)"
        values: "Android Tester ARM32 Release (Nexus 5X)"
        values: "Android Tester ARM64 Debug (Nexus 5X)"
      }
    }
  }
}
realms {
  name: "cron"
  bindings {
    role: "role/buildbucket.builderServiceAccount"
    principals: "user:libyuv-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com"
  }
}
realms {
  name: "try"
  bindings {
    role: "role/buildbucket.builderServiceAccount"
    principals: "user:libyuv-try-builder@chops-service-accounts.iam.gserviceaccount.com"
  }
  bindings {
    role: "role/buildbucket.triggerer"
    principals: "group:project-libyuv-tryjob-access"
    principals: "group:service-account-cq"
  }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-28 05:15:33 +0000