Grant acls for http://crbug.com/618641 * LUCI config service: read refs/* * CQ service account: refs/heads/* * read * submit * remove Commit-Queue vote of others * vote CQ-Verified -1..1 * Committers: vote on Commit-Queue 0..+2 on refs/heads/* I didn't grant anything to just registered users, however. Change-Id: I6fa901f8ee37811ffedf5a5b364875a8062e03c4 Reviewed-on: https://boringssl-review.googlesource.com/8380 Reviewed-by: Andrii Shyshkalov <tandrii@google.com>

commit: 3a735098dc44c203a52cc590b18c9d01a1e4c016 [log] [tgz]
author: Andrii Shyshkalov <tandrii@google.com> Mon Jun 20 14:34:36 2016 +0000
committer: Andrii Shyshkalov <tandrii@google.com> Mon Jun 20 14:51:49 2016 +0000
tree: 8ba469efae288a139c57959986f789d4dbce3432
parent: 34411d5f408ef37f184ae6575cab28e4cb853980 [diff]
diff --git a/groups b/groups
index 4df920f..b11eae2 100644
--- a/groups
+++ b/groups

@@ -1,6 +1,8 @@
 # UUID                                  	Group Name
 #
 64f36e423f1c655f470e3ebe90381a82d074f5d7	External submitters
+b82508da9de0fe9b1267567707c1152eaeadc0a6	commit-queue-bot
+e8ca8f450a1f9ddc20e55bc6c01a83137587fd7b	luci-config-service-account
 global:Anonymous-Users                  	Anonymous Users
 global:Project-Owners                   	Project Owners
 global:Registered-Users                 	Registered Users

diff --git a/project.config b/project.config
index 77e92af..1bc6688 100644
--- a/project.config
+++ b/project.config

@@ -11,6 +11,7 @@
 	administrateServer = group mdb/boringssl-committers
 [access "refs/*"]
 	read = group Anonymous Users
+	read = group luci-config-service-account
 	read = group mdb/boringssl-committers
 [access "refs/for/refs/*"]
 	push = group Registered Users
@@ -27,8 +28,14 @@
 	label-Code-Review = -2..+2 group Project Owners
 	label-Code-Review = -2..+2 group mdb/boringssl-committers
 	label-Code-Review = -1..+1 group Registered Users
+	label-Commit-Queue = 0..+2 group External submitters
+	label-Commit-Queue = 0..+2 group Project Owners
+	label-Commit-Queue = 0..+2 group mdb/boringssl-committers
+	labelAs-Commit-Queue = 0..0 group commit-queue-bot
+        label-CQ-Verified = -1..1 group commit-queue-bot
 	submit = group External submitters
 	submit = group Project Owners
+	submit = group commit-queue-bot
 	submit = group mdb/boringssl-committers
 	editTopicName = +force group Project Owners
 	editTopicName = +force group mdb/boringssl-committers
@@ -56,5 +63,29 @@
 	value =  0 No score
 	value = +1 Looks good to me, but someone else must approve
 	value = +2 Looks good to me, approved
+[label "Commit-Queue"]
+	function = NoBlock
+	abbreviation = CQ
+	value =  0 Not Ready
+	value = +1 Dry Run
+	# Comment the following line if you want to disallow automatic CQ commits.
+	# Note, that CQ just "clicks" Submit button, so all the usual checks 
+	# (such as Code-Review +2) are applied by Gerrit.
+	value = +2 Ready
+	defaultValue = 1
+
+# Label CQ Verified is not required for CQ operation, it's for UI only,
+# unless you choose to require this to be set in order to submit a change.
+# So, feel free to remove this and change infra/config/cq.cfg as well.
+[label "CQ-Verified"]
+	# Change to Block if you want to require Verified +1 to land,
+	# in which case you'd probably want to let committers set it manually as well.
+	function = NoBlock
+	abbreviation = CQV
+	value = -1 Failed CQ verifiers
+	value =  0 Unknown
+	value = +1 Passed CQ verifiers
+	defaultValue = 0
+
 [access "refs/heads/chromium-stable"]
 	push = +force group mdb/boringssl-committers
commit	3a735098dc44c203a52cc590b18c9d01a1e4c016	[log] [tgz]
author	Andrii Shyshkalov <tandrii@google.com>	Mon Jun 20 14:34:36 2016 +0000
committer	Andrii Shyshkalov <tandrii@google.com>	Mon Jun 20 14:51:49 2016 +0000
tree	8ba469efae288a139c57959986f789d4dbce3432
parent	34411d5f408ef37f184ae6575cab28e4cb853980 [diff]