name: "CodeQL"

on:
  push:
    branches:
    - master
    - "*.x"
  pull_request:
    branches:
    - master
    - "*.x"
  workflow_dispatch:

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    timeout-minutes: 20

    strategy:
      fail-fast: false
      matrix:
        language: ['java', 'javascript']

    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

author: "Sebastián Ramírez <******@****.***>"
inputs:
  token:
    description: 'User token, to read the GitHub API. Can be passed in using {{ secrets.FASTAPI_PEOPLE }}'
    required: true
runs:
  using: 'docker'

     3. Build a Gradle distribution using dogfood-first with this hash as a version + fixed timestamp different from the one above -> dogfood-second
     4. Use dogfood-second to run a Gradle build which runs tests.

     */
    val dogfoodTimestamp1 = "19800101010101+0000"
    val dogfoodTimestamp2 = "19800202020202+0000"
    val buildScanTagForType = buildScanTag("Gradleception")

      - name: Install build dependencies
        run: pip install build
      - name: Build source distribution
        env:
          TIANGOLO_BUILD_PACKAGE: ${{ matrix.package }}
        run: python -m build --sdist
      - name: Decompress source distribution
        run: |
          cd dist
          tar xvf fastapi*.tar.gz
      - name: Install test dependencies
        run: |
          cd dist/fastapi*/

author: "Sebastián Ramírez <******@****.***>"
inputs:
  token:
    description: 'Token, to read the GitHub API. Can be passed in using {{ secrets.GITHUB_TOKEN }}'
    required: true
runs:
  using: 'docker'

name: "Issue Labeler"
on:
  issues:
    types: [opened, edited, reopened]
  pull_request:
    types: [opened, edited, reopened]

jobs:
  triage:
    runs-on: ubuntu-latest
    name: Label issues and pull requests
    steps:
      - name: check out
        uses: actions/checkout@v4

      - name: labeler
        uses: jinzhu/super-labeler-action@develop
        with:

name: 'Dependency Review'
on: [pull_request]

permissions:
  contents: read

jobs:
  dependency-review:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
        uses: actions/checkout@v4
      - name: 'Dependency Review'

    - it also sets up a UDS socket for istio-cni to send logs to this container.
    - based on config, it may run the 'repair' controller that detects pods where istio setup fails and restarts them, or created in corner cases.
    - if ambient is enabled, also runs an ambient controller, watching Pod, Namespace

- `istio-cni`
    - CNI plugin executable copied to `/opt/cni/bin`

          ${{ runner.os }}-maven-
    - name: Download Plugins with Maven
      run: mvn -B antrun:run --file pom.xml
    - name: Build with Maven
      run: mvn -B source:jar javadoc:jar package --file pom.xml
    - name: Run Fess
      run: bash src/test/resources/before_script.sh
    - name: Run Integration Test

name: Check issues metadata

on:
  issues:
    types: [ opened, unlabeled, closed ]

permissions: {}

jobs:
  check_issue_metadata:
    permissions:
      issues: write
    runs-on: ubuntu-latest
    steps:
      # Check that issues have proper metadata: labels and milestone
      # https://github.com/gradle/issue-management-action/blob/main/src/issue-metadata.ts
      - uses: gradle/issue-management-action@v1
        with: