name: VulnCheck
on:
  pull_request:
    branches:
      - master

  push:
    branches:
      - master

permissions:
  contents: read # to fetch code (actions/checkout)

jobs:
  vulncheck:
    name: Analysis
    runs-on: ubuntu-latest
    steps:
      - name: Check out code into the Go module directory
        uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v5
        with:

import org.lastaflute.job.LaJob;
import org.lastaflute.job.LaJobRunner;
import org.lastaflute.job.LaJobScheduler;

import jakarta.annotation.Resource;

/**
 * Job scheduler for managing all scheduled jobs in Fess.
 * Implements LaJobScheduler to handle job scheduling and execution.
 */
public class AllJobScheduler implements LaJobScheduler {

    private static final Logger logger = LogManager.getLogger(AllJobScheduler.class);

name: Java CI with Maven

on:
  push:
    branches:
    - master
    - "*.x"
  pull_request:
    branches:
    - master
    - "*.x"

jobs:
  build:
    runs-on: ${{ matrix.os }}

    strategy:
      matrix:
        os: [ubuntu-latest, windows-latest]

    steps:
    - uses: actions/checkout@v4
    - name: Set up JDK 17

name: Publish

on:
  release:
    types:
      - created

jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      contents: read
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"
      - uses: actions/checkout@v6
      - name: Set up Python
        uses: actions/setup-python@v6
        with:

# Synchronize all pushes to 'master' branch with 'main' branch to facilitate migration
name: "Sync main branch"
on:
  push:
    branches:
      - master

jobs:
  sync_latest_from_upstream:
    runs-on: ubuntu-latest
    name: Sync latest commits from master branch

    steps:
      - name: Checkout target repo
        uses: actions/checkout@v2
        with:
          ref: main

      - name: Sync upstream changes

name: "Issue Labeler"
on:
  issues:
    types: [opened, edited, reopened]
  pull_request:
    types: [opened, edited, reopened]

jobs:
  triage:
    runs-on: ubuntu-latest
    name: Label issues and pull requests
    steps:
      - name: check out
        uses: actions/checkout@v4

      - name: labeler
        uses: jinzhu/super-labeler-action@develop
        with:

name: Submit Dependency Graph
on:
  workflow_dispatch:
  push:
    branches:
      - master

permissions: {}

jobs:
  generate-and-submit:
    permissions:
      contents: write
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v6
    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
    - name: Setup Gradle

name: 'Auto Assign PR to Author'
on:
  pull_request:
    types: [opened]

permissions: {}

jobs:
  add-reviews:
    permissions:
      contents: read  # for kentaro-m/auto-assign-action to fetch config file
      pull-requests: write  # for kentaro-m/auto-assign-action to assign PR reviewers
    runs-on: ubuntu-latest
    steps:

name: Check pulls metadata

on:
  pull_request_target:
    types: [ closed, unlabeled, milestoned, demilestoned ]

permissions: {}

jobs:
  check_pull_metadata:
    permissions:
      issues: write
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      # Check that PRs have proper metadata: labels and milestone
      # https://github.com/gradle/issue-management-action/blob/main/src/pull-metadata.ts

name: "Conflict detector"
on:
  push:
  pull_request_target:
    types: [synchronize]

jobs:
  main:
    permissions:
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      - name: Check if PRs have merge conflicts
        uses: eps1lon/actions-label-merge-conflict@v3
        with:
          dirtyLabel: "conflicts"
          repoToken: "${{ secrets.GITHUB_TOKEN }}"