name: origin
          # master node jenkins user ~/.ssh
          credentials-id: f6c7695a-671e-4f4f-a331-acdce44ff9ba
          reference-repo: "/var/lib/jenkins/.git-references/elasticsearch.git"
          branches:
            - "${branch_specifier}"
          url: "https://github.com/elastic/elasticsearch.git"
          basedir: ""
          wipe-workspace: true
    triggers: []
    wrappers:
      - timeout:

name: "Check CODEOWNERS file"

on:
  push:
    branches:
      - master
  pull_request:
  workflow_dispatch:

permissions: { }

jobs:
  code-owners-validation:
    permissions:
      contents: read
      id-token: write
    runs-on: ubuntu-latest
    steps:
      - name: Get Secrets
        uses: gradle/actions-internal/get-aws-secrets@v1

name: Latest Changes

on:
  pull_request_target:
    branches:
      - master
    types:
      - closed
  workflow_dispatch:
    inputs:
      number:
        description: PR number
        required: true
      debug_enabled:
        description: 'Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)'
        required: false
        default: 'false'

jobs:
  latest-changes:

  branch_protection_rule:
  # To guarantee Maintained check is occasionally updated. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
  schedule:
    - cron: '45 9 * * 0'
  push:
    branches: [ "master" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
  analysis:
    name: Scorecard analysis
    runs-on: ubuntu-latest
    permissions:

# limitations under the License.
# ==============================================================================

name: ARM CD

on:
  push:
    tags:
      - v2.**
    branches:
      - r2.**
  schedule:
    - cron: '0 8 * * *'

permissions:
  contents: read

jobs:
  build:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks

name: IAM integration

on:
  pull_request:
    branches:
      - master

# This ensures that previous jobs for the PR are canceled when the PR is
# updated.
concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref }}
  cancel-in-progress: true

permissions:
  contents: read

jobs:
  iam-matrix-test:
    name: "[Go=${{ matrix.go-version }}|ldap=${{ matrix.ldap }}|etcd=${{ matrix.etcd }}|openid=${{ matrix.openid }}]"

                );
            }
            return null;
        }));
    }

    /**
     * Will be removed once this is backported to all unreleased branches.
     */
    private static String getProjectConfig(ElasticsearchDistribution distribution, BwcVersions.UnreleasedVersionInfo info) {
        String distributionProjectName = distributionProjectName(distribution);

# See the License for the specific language governing permissions and
# limitations under the License.
# ==============================================================================

name: ARM CI

on:
  push:
    branches:
      - master
      - r2.**
permissions:
  contents: read

jobs:
  build:
    # Don't do this in forks, and if labeled, only for 'kokoro:force-run'

name: MinIO advanced tests

on:
  pull_request:
    branches:
      - master

# This ensures that previous jobs for the PR are canceled when the PR is
# updated.
concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref }}
  cancel-in-progress: true

permissions:
  contents: read

jobs:
  replication-test:
    name: Advanced Tests with Go ${{ matrix.go-version }}
    runs-on: ubuntu-latest

    strategy:

name: "Code scanning - action"

on:
  push:
    branches: [ main, master, release ]
  schedule:
    - cron: '0 5 * * *'

permissions: {}

jobs:
  CodeQL-Build:
    permissions:
      actions: read  # for github/codeql-action/init to get workflow details
      contents: read  # for actions/checkout to fetch code
      security-events: write  # for github/codeql-action/analyze to upload SARIF results
    runs-on: ubuntu-latest