name: 'Auto Assign PR to Author'
on:
  pull_request:
    types: [opened]

permissions: {}

jobs:
  add-reviews:
    permissions:
      contents: read  # for kentaro-m/auto-assign-action to fetch config file
      pull-requests: write  # for kentaro-m/auto-assign-action to assign PR reviewers
    runs-on: ubuntu-latest
    steps:

name: Check pulls metadata

on:
  pull_request_target:
    types: [ closed ]

permissions: {}

jobs:
  check_pull_metadata:
    permissions:
      issues: write
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      # Check that PRs have proper metadata: labels and milestone
      # https://github.com/gradle/issue-management-action/blob/main/src/pull-metadata.ts

on:
  schedule:
    - cron: 0 4 * * 1

permissions:
  # Require writing security events to upload SARIF file to security tab
  security-events: write
  # Only need to read contents
  contents: read

jobs:
  scan-scheduled:
    if: github.repository == 'tensorflow/tensorflow'
    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.9.0"
    with:
      scan-args: |-

# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================
# Release jobs are very basic. They don't use any caching or RBE,
# but they do upload logs to resultstore.
# IMPORTANT: trailing slash is required on GCS URIs, as it tells gcloud to
# pretend the path is a directory.

# See .github/workflows/CheckBadMerge.groovy for explanation
name: Check bad merge commit
on:
  pull_request:
    types:
     - opened
     - synchronize

permissions: {}

jobs:
  check_pr_commits:
    permissions:
      contents: read
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Set up JDK 17

name: Labels
on:
  pull_request_target:
    types:
      - opened
      - synchronize
      - reopened
      # For label-checker
      - labeled
      - unlabeled

jobs:
  labeler:
    permissions:
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
    - uses: actions/labeler@v5
      if: ${{ github.event.action != 'labeled' && github.event.action != 'unlabeled' }}

name: Java CI with Maven

on:
  push:
    branches:
    - master
    - "*.x"
  pull_request:
    branches:
    - master
    - "*.x"

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v2
    - name: Set up JDK 21
      uses: actions/setup-java@v2
      with:
        java-version: '21'

  pull_request:
    types: [opened, labeled, unlabeled, synchronize]

permissions:
  contents: read

env:
  GRADLE_OPTS: "-Dorg.gradle.jvmargs=-Xmx4g -Dorg.gradle.daemon=false -Dkotlin.incremental=false"

jobs:
  test_containers:
    permissions:
      checks: write # for actions/upload-artifact
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/master' || contains(github.event.pull_request.labels.*.name, 'containers')

[@devinfra](https://github.com/orgs/tensorflow/teams/devinfra)

********************************************************************************

A directory for build and CI related scripts and jobs managed by the TensorFlow

        required: true
      debug_enabled:
        description: 'Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)'
        required: false
        default: 'false'

jobs:
  latest-changes:
    runs-on: ubuntu-latest
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"