- name: Checkout repository for nightly (skipped for releases)
        if: ${{ github.event_name == 'schedule' }}
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: 'nightly'
      - name: Checkout repository
        if: ${{ github.event_name == 'push' }}
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Checkout repository for nightly (skipped for releases)
        if: ${{ github.event_name == 'schedule' }}
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: 'nightly'
      - name: Checkout repository for releases (skipped for nightly)
        if: ${{ github.event_name == 'push' }}

      - name: Checkout repository for nightly (skipped for releases)
        if: ${{ github.event_name == 'schedule' }}
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: 'nightly'
      - name: Checkout repository
        if: ${{ github.event_name == 'push' }}
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

name: PyLint
on:
  pull_request:
    paths:
      - '**.py'

permissions:
  contents: read

jobs:
  build:
    name: PyLint
    runs-on: ubuntu-latest
    steps:
    - name: Checkout code
      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
    - name: Get file changes
      id: get_file_changes
      uses: trilom/file-changes-action@a6ca26c14274c33b15e6499323aac178af06ad4b # v1.2.4
      with:

      pull-requests: read
    if: |
      github.repository == 'tensorflow/tensorflow' &&
      startsWith(github.event.head_commit.message, 'Rollback of PR #')
    steps:
      - name: Checkout repo
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Create a new Github Issue
        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
        with:

      - master

permissions:
  contents: read

jobs:
  test:
    permissions:
      actions: write  # for styfle/cancel-workflow-action to cancel/stop running workflows
      contents: read  # for actions/checkout to fetch code
    name: "${{ matrix.root-pom }} on JDK ${{ matrix.java }} on ${{ matrix.os }}"
    strategy:
      matrix:
        os: [ ubuntu-latest ]
        java: [ 8, 11, 17, 21 ]

      id-token: write
      # Uncomment the permissions below if installing in a private repository.
      # contents: read
      # actions: read

    steps:
      - name: "Checkout code"
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

      - name: "Run analysis"
        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46

        python-version: [python3.9, python3.10, python3.11, python3.12]
    steps:
      - name: Delete unnecessary tools folder
        run: rm -rf /opt/hostedtoolcache
      -
        name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
      -

      security-events: write
      # Needed to publish results and get a badge (see publish_results below).
      id-token: write

    steps:
      - name: "Checkout code"
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

      - name: "Run analysis"
        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46

    runs-on: ubuntu-latest
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks
    steps:
    - name: Checkout code
      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      with:
        ref: ${{ github.event.inputs.release_branch }}
    - name: Get some helpful info for formatting
      id: cherrypick
      run: |