Initial LUCI configuration
Release-Notes: skip
Change-Id: Ia17070198227921abce58702edfb49b67995972a
diff --git a/generated/cr-buildbucket.cfg b/generated/cr-buildbucket.cfg
new file mode 100644
index 0000000..5c8967b
--- /dev/null
+++ b/generated/cr-buildbucket.cfg
@@ -0,0 +1,15 @@
+# Auto-generated by lucicfg.
+# Do not modify manually.
+#
+# For the schema of this file, see BuildbucketCfg message:
+# https://luci-config.appspot.com/schemas/projects:buildbucket.cfg
+
+buckets {
+ name: "ci"
+}
+buckets {
+ name: "prod"
+}
+buckets {
+ name: "try"
+}
diff --git a/generated/luci-logdog.cfg b/generated/luci-logdog.cfg
new file mode 100644
index 0000000..0b65e02
--- /dev/null
+++ b/generated/luci-logdog.cfg
@@ -0,0 +1,7 @@
+# Auto-generated by lucicfg.
+# Do not modify manually.
+#
+# For the schema of this file, see ProjectConfig message:
+# https://luci-config.appspot.com/schemas/projects:luci-logdog.cfg
+
+archive_gs_bucket: "logdog-gerrit-archive"
diff --git a/generated/project.cfg b/generated/project.cfg
new file mode 100644
index 0000000..7c41c9c
--- /dev/null
+++ b/generated/project.cfg
@@ -0,0 +1,15 @@
+# Auto-generated by lucicfg.
+# Do not modify manually.
+#
+# For the schema of this file, see ProjectCfg message:
+# https://luci-config.appspot.com/schemas/projects:project.cfg
+
+name: "gerrit"
+lucicfg {
+ version: "1.33.2"
+ package_dir: ".."
+ config_dir: "generated"
+ entry_point: "main.star"
+ experiments: "crbug.com/1171945"
+ experiments: "crbug.com/1347252"
+}
diff --git a/generated/realms.cfg b/generated/realms.cfg
new file mode 100644
index 0000000..4980f46
--- /dev/null
+++ b/generated/realms.cfg
@@ -0,0 +1,44 @@
+# Auto-generated by lucicfg.
+# Do not modify manually.
+#
+# For the schema of this file, see RealmsCfg message:
+# https://luci-config.appspot.com/schemas/projects:realms.cfg
+
+realms {
+ name: "@root"
+ bindings {
+ role: "role/configs.developer"
+ principals: "group:googlers"
+ }
+ bindings {
+ role: "role/swarming.poolOwner"
+ principals: "group:gerritcodereview-eng"
+ }
+ bindings {
+ role: "role/swarming.poolUser"
+ principals: "group:gerritcodereview-eng"
+ }
+ bindings {
+ role: "role/swarming.poolViewer"
+ principals: "group:googlers"
+ }
+ bindings {
+ role: "role/swarming.taskTriggerer"
+ principals: "group:gerritcodereview-eng"
+ }
+}
+realms {
+ name: "ci"
+}
+realms {
+ name: "pools/ci"
+}
+realms {
+ name: "pools/try"
+}
+realms {
+ name: "prod"
+}
+realms {
+ name: "try"
+}
diff --git a/main.star b/main.star
new file mode 100755
index 0000000..0a51661
--- /dev/null
+++ b/main.star
@@ -0,0 +1,68 @@
+#!/usr/bin/env lucicfg
+
+lucicfg.check_version("1.33.2", "Please update depot_tools")
+
+lucicfg.config(
+ config_dir = "generated",
+ tracked_files = ["*.cfg"],
+ fail_on_warnings = True,
+ lint_checks = ["default", "-module-docstring"],
+)
+
+luci.project(
+ name = "gerrit",
+
+ buildbucket = "cr-buildbucket.appspot.com",
+ logdog = "luci-logdog.appspot.com",
+ milo = "luci-milo.appspot.com",
+ notify = "luci-notify.appspot.com",
+ scheduler = "luci-scheduler.appspot.com",
+ swarming = "chromium-swarm.appspot.com.appspot.com",
+ tricium = "tricium-prod.appspot.com",
+
+ bindings = [
+ # Allow owners to submit any task in any pool.
+ luci.binding(
+ roles = [
+ "role/swarming.poolOwner",
+ "role/swarming.poolUser",
+ "role/swarming.taskTriggerer",
+ ],
+ groups = "gerritcodereview-eng",
+ ),
+
+ # Allow any googler to see all bots and tasks there.
+ luci.binding(
+ roles = "role/swarming.poolViewer",
+ groups = "googlers",
+ ),
+
+ # Allow any googler to read/validate/reimport the project configs.
+ luci.binding(
+ roles = "role/configs.developer",
+ groups = "googlers",
+ )
+ ],
+)
+
+# Per-service tweaks.
+luci.logdog(gs_bucket = "logdog-gerrit-archive")
+
+# Realms with ACLs for corresponding Swarming pools.
+luci.realm(name = "pools/ci")
+luci.realm(name = "pools/try")
+
+# Global recipe defaults
+luci.recipe.defaults.cipd_version.set("refs/heads/main")
+luci.recipe.defaults.use_python3.set(True)
+
+# The try bucket will include builders which work on pre-commit or pre-review
+# code.
+luci.bucket(name = "try")
+
+# The ci bucket will include builders which work on post-commit code.
+luci.bucket(name = "ci")
+
+# The prod bucket will include builders which work on post-commit code and
+# generate executable artifacts used by other users or machines.
+luci.bucket(name = "prod")
