Modify access rules
diff --git a/groups b/groups
index a1f2b69..3040c3a 100644
--- a/groups
+++ b/groups
@@ -1,6 +1,8 @@
# UUID Group Name
#
-3e2ea69d61ca1d8aec6b813951463433f507243e trusted-firmware-a-next-approvers
+12cd7f45d37c370b4de75bd8e2b736330b063b34 rusted-firmware-a-developers
+2b67a42919bb2c91a8e6e41d1486ccfb2cac6697 rusted-firmware-a-approvers
+3c602ebb948eaf2077cc2eb062eb1a3b0367d759 Service Users
4db8267426bbc5d487c8dbdcf58a1c50202b1c92 trusted-firmware-a-arm-approvers
7c05eb1a9b6d175b7b553af378f380423ff922e4 Bot Users
e6c7d43acfb1f19237de5b3a49807b7ee01e4073 trusted-firmware-a-next
diff --git a/project.config b/project.config
index 4462a23..702d8ff 100644
--- a/project.config
+++ b/project.config
@@ -20,46 +20,45 @@
[access "refs/*"]
owner = group user/Sandrine Afsa (sandrine-bailleux-arm)
# Restrict visibility to a subset of developers.
- read = group trusted-firmware-a-next
- exclusiveGroupPermissions = read
- # The CI bot also needs access.
read = group Bot Users
+ # The CI bot also needs access.
+ read = group Service Users
+ read = group trusted-firmware-a-next
[access "refs/heads/*"]
- create = group trusted-firmware-a-next-approvers
- forgeAuthor = group trusted-firmware-a-next-approvers
- forgeCommitter = group trusted-firmware-a-next-approvers
- forgeServerAsCommitter = group trusted-firmware-a-next-approvers
- push = +force group trusted-firmware-a-next-approvers
- submit = group trusted-firmware-a-next-approvers
+ create = group rusted-firmware-a-approvers
+ forgeAuthor = group rusted-firmware-a-approvers
+ forgeCommitter = group rusted-firmware-a-approvers
+ forgeServerAsCommitter = group rusted-firmware-a-approvers
+ push = +force group rusted-firmware-a-approvers
+ submit = group rusted-firmware-a-approvers
removeReviewer = group trusted-firmware-a-next
- abandon = group trusted-firmware-a-next-approvers
+ abandon = group rusted-firmware-a-approvers
- label-Code-Review = -1..+1 group trusted-firmware-a-next
- label-Code-Review = -2..+2 group trusted-firmware-a-next-approvers
+ label-Code-Review = -2..+2 group rusted-firmware-a-approvers
+ label-Code-Review = -1..+1 group rusted-firmware-a-developers
label-Unsafe-Review = -1..+1 group trusted-firmware-a-next
# A CI job will vote Unsafe-Review+1 for patches that do not touch any
# unsafe code.
- label-Unsafe-Review = 0..+1 group Bot Users
+ label-Unsafe-Review = +0..+1 group Bot Users
label-Verified = -1..+1 group Bot Users
- label-Verified = -1..+1 group trusted-firmware-a-next-approvers
+ label-Verified = -1..+1 group rusted-firmware-a-approvers
[access "refs/meta/dashboards/*"]
create = group trusted-firmware-a-arm-approvers
push = group trusted-firmware-a-arm-approvers
[access "refs/meta/config"]
- read = group trusted-firmware-a-arm-approvers
- create = group trusted-firmware-a-arm-approvers
- push = group trusted-firmware-a-arm-approvers
- submit = group trusted-firmware-a-arm-approvers
- label-Code-Review = -2..+2 group trusted-firmware-a-arm-approvers
- exclusiveGroupPermissions = submit
- label-Verified = -1..+1 group trusted-firmware-a-arm-approvers
- label-Code-Owner-Review = -1..+1 group trusted-firmware-a-arm-approvers
- label-Maintainer-Review = -1..+1 group trusted-firmware-a-arm-approvers
+ read = group rusted-firmware-a-approvers
+ create = group rusted-firmware-a-approvers
+ push = group rusted-firmware-a-approvers
+ submit = group rusted-firmware-a-approvers
+ label-Code-Review = -2..+2 group rusted-firmware-a-approvers
+ label-Verified = -1..+1 group rusted-firmware-a-approvers
+ label-Code-Owner-Review = group rusted-firmware-a-approvers
+ label-Maintainer-Review = group rusted-firmware-a-approvers
################################################################################
# Labels