# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: ARM CI Extended

on:
  push:
    tags:
      - v2.**
  schedule:
    - cron: '0 4 * * *'

permissions:
  contents: read

jobs:
  build:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks

# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: ARM CD

on:
  push:
    tags:
      - v2.**
    branches:
      - r2.**
  schedule:
    - cron: '0 8 * * *'

permissions:
  contents: read

jobs:
  build:

name: CI

on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master

permissions:
  contents: read

jobs:
  test:
    permissions:
      actions: write  # for styfle/cancel-workflow-action to cancel/stop running workflows
      contents: read  # for actions/checkout to fetch code
    name: "${{ matrix.root-pom }} on JDK ${{ matrix.java }} on ${{ matrix.os }}"
    strategy:
      matrix:

          fetch-depth: 0
      - name: Setup java
        uses: actions/setup-java@v5
        with:
          distribution: temurin
          java-version: 17
      - name: Update Gradle to latest nightly and push to devprod/upgrade-to-latest-wrapper
        run: |
          set -eu
          git config --global user.email "******@****.***"
          git config --global user.name "GitHub Action"

# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: ARM CI Extended C++

on:
  push:
    tags:
      - v2.**
  schedule:
    - cron: '0 2 * * *'

permissions:
  contents: read

jobs:
  build:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks

name: Submit Dependency Graph
on:
  workflow_dispatch:
  push:
    branches:
      - master

permissions: {}

jobs:
  generate-and-submit:
    permissions:
      contents: write
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v5
    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
    - name: Setup Gradle

  branch_protection_rule:
  # To guarantee Maintained check is occasionally updated. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
  schedule:
    - cron: '26 3 * * 2'
  push:
    branches: [ "master" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
  analysis:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks

name: "Conflict detector"
on:
  push:
  pull_request_target:
    types: [synchronize]

jobs:
  main:
    permissions:
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      - name: Check if PRs have merge conflicts
        uses: eps1lon/actions-label-merge-conflict@v3
        with:
          dirtyLabel: "conflicts"
          repoToken: "${{ secrets.GITHUB_TOKEN }}"

name: docs

on:
  push:
    branches:
      - master
  pull_request:
    types: [opened, labeled, unlabeled, synchronize]

permissions:
  contents: read

env:
  GRADLE_OPTS: "-Dorg.gradle.jvmargs=-Xmx4g -Dorg.gradle.daemon=false -Dkotlin.incremental=false"

jobs:
  test_docs:
    permissions:
      checks: write # for actions/upload-artifact
    runs-on: ubuntu-latest

name: "Check markdown links"

on:
  push:
    branches:
      - master
  pull_request:
  workflow_dispatch:

permissions: {}

jobs:
  check-links:
    permissions:
      contents: read
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v5

      - name: Check links
        uses: lycheeverse/lychee-action@v2.6.1
        with:
          # excluded: