name: ARM CD

on:
  push:
    tags:
      - v2.**
    branches:
      - r2.**
  schedule:
    - cron: '0 8 * * *'

permissions:
  contents: read

jobs:
  build:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks
    runs-on: [self-hosted, linux, ARM64]
    strategy:
      fail-fast: false
      matrix:

      - 'tensorflow/tools/tf_sig_build_dockerfiles/**'
      - '!tensorflow/tools/tf_sig_build_dockerfiles/README.md'
    branches:
      - "r[1-9].[0-9]+"

permissions:
  contents: read

jobs:
  docker:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: [python3.9, python3.10, python3.11, python3.12]

# supported CodeQL languages.
#
name: "CodeQL"

on:
  push:
    branches: [ "master" ]
  pull_request:
    branches: [ "master" ]
  schedule:
    - cron: '38 6 * * 1'

jobs:
  analyze:
    name: Analyze (${{ matrix.language }})
    # Runner size impacts CodeQL analysis time. To learn more, please see:
    #   - https://gh.io/recommended-hardware-resources-for-running-codeql

# Increase the test timeout as tests often take longer on mac.
test:rbe_cross_compile_macos_x86 --test_timeout=300,450,1200,3600
# Limit jobs to 100 to avoid running into "out of memory" issues (b/316266643)
build:rbe_cross_compile_macos_x86 --jobs=100
test:rbe_cross_compile_macos_x86 --jobs=100
# END MACOS CROSS-COMPILE CONFIGS
# END CROSS-COMPILE CONFIGS

# Try to load the XLA warnings config if available

//     affects read from source, block, file, dedup, and object storage backup targets for a specific Veeam Job. When customers
//     create a new backup job and select the object storage or a SOBR as a backup target with this setting, the job default
//     setting will be set to this value. This setting will be only applied to newly created jobs (manual changes with Active Full
//     processing possible from the customer side).

#
# Separately, if TFCI is set *and* there are also additional TFCI_ variables
# set in the shell environment, those variables will be restored after the
# TFCI env has been loaded. This is useful for e.g. on-demand "generic" jobs
# where the user may wish to change just one option.
if [[ -z "${TFCI:-}" ]]; then
  echo '==TFCI==: The $TFCI variable is not set. This is fine as long as you'

name: "Code scanning - action"

on:
  push:
    branches: [ main, master, release ]
  schedule:
    - cron: '0 5 * * *'

permissions: {}

jobs:
  CodeQL-Build:
    permissions:
      actions: read  # for github/codeql-action/init to get workflow details
      contents: read  # for actions/checkout to fetch code
      security-events: write  # for github/codeql-action/analyze to upload SARIF results
    runs-on: ubuntu-latest

# specific language governing permissions and limitations
# under the License.

name: Java CI

on: [push, pull_request, workflow_dispatch]

# clear all permissions for GITHUB_TOKEN
permissions: {}

jobs:
  build:

    # execute on any push, workflow_dispatch  or pull request from forked repo
    if: >
      github.event_name == 'push' ||
      github.event_name == 'workflow_dispatch' ||

name: tests

on:
  push:
    branches-ignore:
      - 'gh-pages'
  pull_request:
    branches-ignore:
      - 'gh-pages'

permissions:
  contents: read

jobs:
  # Label of the container job
  sqlite:
    strategy:
      matrix:
        go: ['1.22', '1.21', '1.20']
        platform: [ubuntu-latest] # can not run in windows OS
    runs-on: ${{ matrix.platform }}

    steps:
    - name: Set up Go 1.x

# ============================================================================

name: Close inactive issues
on:
  schedule:
    - cron: "30 1 * * *"

permissions:
  contents: read

jobs:
  close-issues:
    # Don't do this in forks
    if: github.repository == 'tensorflow/tensorflow'
    runs-on: ubuntu-latest
    permissions:
      issues: write
      pull-requests: write
    steps: