Add taskServiceAccount role to dawn-automated-expectations@
Bug: dawn:1940
Change-Id: I8275f8e5267144f932a54a816a4a6084e469523d
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/147263
Kokoro: Austin Eng <enga@chromium.org>
Commit-Queue: Austin Eng <enga@chromium.org>
Reviewed-by: Ryan Harrison <rharrison@chromium.org>
diff --git a/infra/config/global/generated/realms.cfg b/infra/config/global/generated/realms.cfg
index 94dd87b..2c301b0 100644
--- a/infra/config/global/generated/realms.cfg
+++ b/infra/config/global/generated/realms.cfg
@@ -34,6 +34,10 @@
role: "role/scheduler.reader"
principals: "group:all"
}
+ bindings {
+ role: "role/swarming.taskServiceAccount"
+ principals: "user:dawn-automated-expectations@chops-service-accounts.iam.gserviceaccount.com"
+ }
}
realms {
name: "ci"
diff --git a/infra/config/global/main.star b/infra/config/global/main.star
index c91ff52..c7d9104 100755
--- a/infra/config/global/main.star
+++ b/infra/config/global/main.star
@@ -51,6 +51,10 @@
roles = "role/configs.validator",
users = "dawn-try-builder@chops-service-accounts.iam.gserviceaccount.com",
),
+ luci.binding(
+ roles = "role/swarming.taskServiceAccount",
+ users = "dawn-automated-expectations@chops-service-accounts.iam.gserviceaccount.com",
+ ),
],
)
