# Enable debug for the `gradle-build-action` cache operations
  GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true

permissions: {}

jobs:
  build:
    name: "Compile All"
    permissions:
      contents: read
    runs-on: ubuntu-latest
    steps:
      - name: git clone
        uses: actions/checkout@v4
      - id: setup-matrix

	JMP	label0+0	// JMP 66
	BEQ	R1, 2(PC)
	JAL	1(PC)	// CALL 1(PC)
	BEQ	R1, 2(PC)
	JAL	label0+0	// CALL 66

	//	LBRA addr
	//	{
	//		outcode(int($1), &nullgen, 0, &$2);
	//	}
	BEQ	R1, 2(PC)
	JMP	0(R1)	// JMP (R1)
	BEQ	R1, 2(PC)
	JMP	foo+0(SB)	// JMP foo(SB)
	BEQ	R1, 2(PC)
	JAL	0(R1)	// CALL (R1)
	BEQ	R1, 2(PC)
	JAL	foo+0(SB)	// CALL foo(SB)

//
// BEQ/BNE
//
//	LBRA rreg ',' rel

      matrix:
        go-version: [1.21.x]
        ldap: ["", "localhost:389"]
        etcd: ["", "http://localhost:2379"]
        openid: ["", "http://127.0.0.1:5556/dex"]
        exclude:
          # exclude combos where all are empty.
          - ldap: ""
            etcd: ""
            openid: ""
          # exclude combos where both ldap and openid IDPs are specified.
          - ldap: "localhost:389"

linters-settings:
  gofumpt:
    simplify: true

  misspell:
    locale: US

  staticcheck:
    checks: ['all', '-ST1005', '-ST1000', '-SA4000', '-SA9004', '-SA1019', '-SA1008', '-U1000', '-ST1016']

linters:
  disable-all: true
  enable:
    - durationcheck
    - gocritic
    - gofumpt
    - goimports
    - gomodguard
    - govet
    - ineffassign
    - misspell
    - revive
    - staticcheck
    - tenv

Unfortunately, Helm provides us (1) and (3) together (as .Values), making it hard to insert (2).

However, we can workaround this by placing all of (1) under a specific key (.Values.defaults).
We can then merge the profile onto the defaults, then the user settings onto that.
Finally, we can set all of that under .Values so the chart behaves without awareness.
*/}}
{{- $defaults := $.Values.defaults }}
{{- $_ := unset $.Values "defaults" }}

{{- /* Core defines the common configuration used by all webhook segments */}}
{{/* Copy just what we need to avoid expensive deepCopy */}}
{{- $whv := dict
 "revision" .Values.revision
  "injectionPath" .Values.istiodRemote.injectionPath
  "injectionURL" .Values.istiodRemote.injectionURL
  "reinvocationPolicy" .Values.sidecarInjectorWebhook.reinvocationPolicy
  "caBundle" .Values.istiodRemote.injectionCABundle
  "namespace" .Release.Namespace }}

    injectionURL: ""

  # Revision is set as 'version' label and part of the resource names when installing multiple control planes.
  revision: ""

  sidecarInjectorWebhook:
    # This enables injection of sidecar in all namespaces,

# Copyright 2022 The TensorFlow Authors. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,

# Copyright 2022 The TensorFlow Authors. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,

  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
  schedule:
    - cron: '45 9 * * 0'
  push:
    branches: [ "master" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
  analysis:
    name: Scorecard analysis
    runs-on: ubuntu-latest
    permissions:
      # Needed to upload the results to code-scanning dashboard.
      security-events: write