# Declare default permissions as read only.
permissions: read-all

jobs:
  analysis:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks
    name: Scorecards analysis
    runs-on: ubuntu-latest
    permissions:
      # Needed to upload the results to code-scanning dashboard.
      security-events: write
      # Needed to publish results and get a badge (see publish_results below).
      id-token: write

        mostRecentSnapshot = releasedVersions.latestReleaseSnapshot.gradleVersion()

        val testedVersions = previousVersions.filter { it.gradleVersion() >= lowestTestedVersion }
        // Only use latest patch release of each Gradle version
        allTestedVersions = testedVersions.map { VersionNumber.parse(it.gradleVersion().version) }
            .groupBy { "${it.major}.${it.minor}" }

jobs:
  add-reviews:
    permissions:
      contents: read  # for kentaro-m/auto-assign-action to fetch config file
      pull-requests: write  # for kentaro-m/auto-assign-action to assign PR reviewers
    runs-on: ubuntu-latest
    steps:

## API Response

XML response for this API is similar to [AWS STS AssumeRoleWithWebIdentity](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html#API_AssumeRoleWithWebIdentity_ResponseElements)

## Example request and response

Sample request with `curl`:

```sh

name: "Conflict detector"
on:
  push:
  pull_request_target:
    types: [synchronize]

jobs:
  main:
    permissions:
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      - name: Check if PRs have merge conflicts
        uses: eps1lon/actions-label-merge-conflict@v3
        with:
          dirtyLabel: "conflicts"
          repoToken: "${{ secrets.GITHUB_TOKEN }}"

#!/bin/bash

function download_arch_specific_executable {
	curl -f -L -s -q \
		https://github.com/moparisthebest/static-curl/releases/latest/download/curl-$1 \
		-o /go/bin/curl || exit 1
	chmod +x /go/bin/curl
}

case $TARGETARCH in
"arm64")
	download_arch_specific_executable aarch64
	;;
"s390x")
	echo "Not downloading static cURL because it does not exist for the $TARGETARCH architecture."
	;;
*)

    types: [ closed, unlabeled, milestoned, demilestoned ]

permissions: {}

jobs:
  check_pull_metadata:
    permissions:
      issues: write
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      # Check that PRs have proper metadata: labels and milestone
      # https://github.com/gradle/issue-management-action/blob/main/src/pull-metadata.ts

Health

Subnet Health diagnostics help ensure that the underlying infrastructure that runs MinIO is configured correctly, and is functioning properly. This test is one-shot long running one, that is recommended to be run as soon as the cluster is first provisioned, and each time a failure scenario is encountered. Note that the test incurs majority of the available resources on the system. Care must be taken when using this to debug failure scenario, so as to prevent larger outages. Health tests...

name: Set nightly branch to master HEAD

permissions: {}

jobs:
  master-to-nightly:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
    - uses: zofrex/mirror-branch@0be56f4c8077a288a635a491b306ba0bb1c810e6 # v1.0.4
      name: Set nightly branch to master HEAD
      with:

  pull_request:
    # The branches below must be a subset of the branches above
    branches: [master]
  schedule:
    - cron: '0 11 * * 4'

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest

    strategy:
      fail-fast: false
      matrix:
        # Override automatic language detection by changing the below list
        # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']