commit | 51509a72b83b5c5167b213a69dda6f30701b03d9 | [log] [tgz] |
---|---|---|
author | Vadim Shtayura <vadimsh@chromium.org> | Thu Jan 10 01:25:55 2019 |
committer | Commit Bot <commit-bot@chromium.org> | Thu Jan 10 01:25:55 2019 |
tree | 5e1e0f509e7da881b9ff9b43ea41c9f3b199b390 | |
parent | ef45b74c00894b9c47e5b1df40b5cfc0f8b58f4b [diff] |
[lucicfg] Add acl.SCHEDULER_* roles, rename Buildbucket roles for consistency. Scheduler and Buildbucket use different names for the same kind of roles: Buildbucket's SCHEDULER ~= Scheduler's TRIGGERER Buildbucket's WRITER ~= Scheduler's OWNER This is confusing. So we'll need to make a compromise somewhere: either use Buildbucket-inspired roles or Scheduler-inspired ones (or pick something completely unrelated). Arguably, scheduler's ones (TRIGGERER, OWNER) are clearer than buildbucket's ones (SCHEDULER, WRITER). For one, 'schedule' is a pretty overloaded term, and SCHEDULER_SCHEDULER will look odd. Also Buildbucket's WRITER role doesn't convey the powers it grants (e.g. ability to cancel all builds in the bucket). So we now have: BUILDBUCKET_READER - can list buckets, read build properties BUILDBUCKET_TRIGGERER - can launch buildbucket tasks BUILDBUCKET_OWNER - full access to the bucket (e.g. clearing it) SCHEDULER_READER - can list scheduler job invocations SCHEDULER_TRIGGERER - can launch scheduler jobs by submitting triggers SCHEDULER_OWNER - can abort jobs R=nodir@chromium.org, tandrii@chromium.org BUG=833946 Change-Id: I494a9af90714bf1739c91fdb6fa25167681be1e6 Reviewed-on: https://chromium-review.googlesource.com/c/1400850 Commit-Queue: Vadim Shtayura <vadimsh@chromium.org> Reviewed-by: Nodir Turakulov <nodir@chromium.org>
LUCI Go code is meant to be worked on from an Chromium infra.git checkout, which enforces packages versions and Go toolchain version. First get fetch via depot_tools.git then run:
fetch infra cd infra/go eval `./env.py` cd src/go.chromium.org/luci
Contributing uses the same flow as Chromium contributions.