name: CI

on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master

permissions:
  contents: read

jobs:
  test:
    permissions:
      actions: write  # for styfle/cancel-workflow-action to cancel/stop running workflows
      contents: read  # for actions/checkout to fetch code
    name: "${{ matrix.root-pom }} on JDK ${{ matrix.java }} on ${{ matrix.os }}"
    strategy:
      matrix:

ml_dtypes >= 0.5.1, < 0.6.0
auditwheel >= 6.1.0
# Install tensorboard, and keras
# Note that here we want the latest version that matches TF major.minor version
# Note that we must use nightly here as these are used in nightly jobs
# For release jobs, we will pin these on the release branch
keras-nightly ~= 3.10.0.dev
tb-nightly ~= 2.20.0.a
# For new protobuf, if V.x.y is gencode version, then runtime version U must be
# V <= U <= V+1

ml_dtypes >= 0.5.1, < 0.6.0
auditwheel >= 6.1.0
# Install tensorboard, and keras
# Note that here we want the latest version that matches TF major.minor version
# Note that we must use nightly here as these are used in nightly jobs
# For release jobs, we will pin these on the release branch
keras-nightly ~= 3.10.0.dev
tb-nightly ~= 2.20.0.a
# For new protobuf, if V.x.y is gencode version, then runtime version U must be
# V <= U <= V+1

name: "Conflict detector"
on:
  push:
  pull_request_target:
    types: [synchronize]

jobs:
  main:
    permissions:
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      - name: Check if PRs have merge conflicts
        uses: eps1lon/actions-label-merge-conflict@v3
        with:
          dirtyLabel: "conflicts"
          repoToken: "${{ secrets.GITHUB_TOKEN }}"

name: Publish

on:
  release:
    types:
      - created

jobs:
  publish:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        package:
          - fastapi
          - fastapi-slim
    permissions:
      id-token: write
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"
      - uses: actions/checkout@v5

name: 'Requeue stale team-triage items'
on:
  schedule:
    # Execute every day at 00:05 to avoid conflicts with other workflows
    - cron: '5 0 * * *'

permissions: {}

jobs:
  requeue:
    permissions:
      issues: write
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      - uses: actions/stale@v10
        with:
          operations-per-run: 50
          remove-stale-when-updated: false

name: Contributor CI Build

on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master

concurrency:
  # On master/release, we don't want any jobs cancelled so the sha is used to name the group
  group: ${{ (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/release' ) && format('contributor-pr-base-{0}', github.sha) || format('contributor-pr-{0}', github.ref) }}
  cancel-in-progress: false

env:

name: 'Close stale PRs'
on:
  schedule:
    # Execute every hour at xx:05 to avoid conflicts with other workflows
    - cron: '5 * * * *'

permissions: {}

jobs:
  stale:
    permissions:
      pull-requests: write

    runs-on: ubuntu-latest
    steps:
      - uses: actions/stale@v10
        with:
          operations-per-run: 50
          ascending: true
          exempt-all-milestones: true

name: Auto update performance test durations JSON

on:
  schedule:
    - cron: '53 3 * * 1'
  workflow_dispatch:

permissions:
  contents: write
  id-token: write
  pull-requests: write

jobs:
  update-perf-test-buckets:
    runs-on: ubuntu-latest

    if: github.repository == 'gradle/gradle'

    steps:
      - name: Checkout repository
        uses: actions/checkout@v5
      - name: configure aws credentials

  schedule:
    - cron: '45 9 * * 0'
  push:
    branches: [ "master" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
  analysis:
    name: Scorecard analysis
    runs-on: ubuntu-latest
    permissions:
      # Needed to upload the results to code-scanning dashboard.
      security-events: write