WORKDIR /minio
          ENV GOEXPERIMENT=boringcrypto
          RUN make
          EOF

      - name: Build
        uses: docker/build-push-action@v3
        with:
          context: .
          file: Dockerfile.fips.test
          push: false
          load: true
          tags: minio/fips-test:latest

      # This should fail if grep returns non-zero exit
      - name: Test binary
        run: |

# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: ARM CI

on:
  push:
    branches:
      - master
      - r2.**
permissions:
  contents: read

jobs:
  build:
    # Don't do this in forks, and if labeled, only for 'kokoro:force-run'

name: IDE Experience team notifier
run-name: Notify the IDE Experience team about new RCs for manual testing
on:
  push:
    tags:
      - 'v*.*.*-RC1'

permissions: {}

jobs:
  send-slack-notification:
    runs-on: ubuntu-latest
    steps:
      - name: Send Slack notification about new RCs for manual testing
        id: slack
        uses: slackapi/slack-github-action@v1.23.0
        with:
          payload: |
            {

name: build

on:
  push:
    branches:
      - master
  pull_request:
    types: [opened, labeled, unlabeled, synchronize]

permissions:
  contents: read

env:
  GRADLE_OPTS: "-Dorg.gradle.jvmargs=-Xmx4g -Dorg.gradle.daemon=false -Dkotlin.incremental=false"

jobs:
  publish:
    runs-on: ubuntu-latest
    if: github.repository == 'square/okhttp' && github.ref == 'refs/heads/master'

    steps:
      - name: Checkout

name: Test

on:
  push:
    branches:
      - master
  pull_request:
    types:
      - opened
      - synchronize
  schedule:
    # cron every week on monday
    - cron: "0 0 * * 1"

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"
      - uses: actions/checkout@v4

name: Contributor CI Build

on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master

concurrency:
  # On master/release, we don't want any jobs cancelled so the sha is used to name the group
  # On PR branches, we cancel the job if new commits are pushed

  branch_protection_rule:
  # To guarantee Maintained check is occasionally updated. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
  schedule:
    - cron: '45 9 * * 0'
  push:
    branches: [ "master" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
  analysis:
    name: Scorecard analysis
    runs-on: ubuntu-latest
    permissions:

name: Build Docs
on:
  push:
    branches:
      - master
  pull_request:
    types:
      - opened
      - synchronize
jobs:
  changes:
    runs-on: ubuntu-latest
    # Required permissions
    permissions:
      pull-requests: read
    # Set job outputs to values from filter step
    outputs:
      docs: ${{ steps.filter.outputs.docs }}
    steps:
    - uses: actions/checkout@v4

# specific language governing permissions and limitations
# under the License.

name: Can Maven build itself

on: [push, pull_request]

# clear all permissions for GITHUB_TOKEN
permissions: {}

jobs:
  build:

    # execute on any push or pull request from forked repo
    if: github.event_name == 'push' || ( github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork )

    strategy:
      matrix:

# specific language governing permissions and limitations
# under the License.

name: Java CI

on: [push, pull_request]

# clear all permissions for GITHUB_TOKEN
permissions: {}

jobs:
  build:

    # execute on any push or pull request from forked repo
    if: github.event_name == 'push' || ( github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork )

    strategy:
      matrix: