# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: ARM CI Extended

on:
  push:
    tags:
      - v2.**
  schedule:
    - cron: '0 4 * * *'

permissions:
  contents: read

jobs:
  build:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks

# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: ARM CD

on:
  push:
    tags:
      - v2.**
    branches:
      - r2.**
  schedule:
    - cron: '0 8 * * *'

permissions:
  contents: read

jobs:
  build:

name: CI

on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master

permissions:
  contents: read

jobs:
  test:
    permissions:
      actions: write  # for styfle/cancel-workflow-action to cancel/stop running workflows
      contents: read  # for actions/checkout to fetch code
    name: "${{ matrix.root-pom }} on JDK ${{ matrix.java }} on ${{ matrix.os }}"
    strategy:
      matrix:

# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: ARM CI Extended C++

on:
  push:
    tags:
      - v2.**
  schedule:
    - cron: '0 2 * * *'

permissions:
  contents: read

jobs:
  build:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks

  branch_protection_rule:
  # To guarantee Maintained check is occasionally updated. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
  schedule:
    - cron: '26 3 * * 2'
  push:
    branches: [ "master" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
  analysis:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks

name: "Conflict detector"
on:
  push:
  pull_request_target:
    types: [synchronize]

jobs:
  main:
    permissions:
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      - name: Check if PRs have merge conflicts
        uses: eps1lon/actions-label-merge-conflict@v3
        with:
          dirtyLabel: "conflicts"
          repoToken: "${{ secrets.GITHUB_TOKEN }}"

# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: ARM CI

on:
  push:
    branches:
      - master
      - r2.**
permissions:
  contents: read

jobs:
  build:
    # Don't do this in forks, and if labeled, only for 'kokoro:force-run'

# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: cffconvert

on:
  push:
    paths:
      - CITATION.cff

permissions:
  contents: read

jobs:
  validate:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks
    name: "validate"

# limitations under the License.
# ==============================================================================

name: Creates a GitHub Issue when a PR Rolled back via Commit to Master
on:
  push:
    branches:
      - master
      
permissions: {}

jobs:
  create-issue-on-pr-rollback:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      issues: write

  branch_protection_rule:
  # To guarantee Maintained check is occasionally updated. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
  schedule:
    - cron: '45 9 * * 0'
  push:
    branches: [ "master" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
  analysis:
    name: Scorecard analysis
    runs-on: ubuntu-latest
    permissions: