steps:
      - name: Checkout repository
        uses: actions/checkout@v6
      
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v6
        with:
          role-to-assume: arn:aws:iam::992382829881:role/GHASecrets_gradle_all
          aws-region: "eu-central-1"
      
      - name: Get secrets
        uses: aws-actions/aws-secretsmanager-get-secrets@v2
        with:

      - name: Clean repository
        shell: bash
        run: find /home/ubuntu/actions-runner/_work/tensorflow/tensorflow/. -name . -o -prune -exec sudo rm -rf -- {} + || true
      - name: Checkout repository for nightly (skipped for releases)
        if: ${{ github.event_name == 'schedule' }}
        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
        with:
          ref: 'nightly'

    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.24.x]
        os: [ubuntu-latest]

    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: ${{ matrix.go-version }}
          check-latest: true
      - name: Start upgrade tests
        run: |

      - unlabeled

jobs:
  labeler:
    permissions:
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
    - uses: actions/labeler@v6
      if: ${{ github.event.action != 'labeled' && github.event.action != 'unlabeled' }}
    - run: echo "Done adding labels"
  # Run this after labeler applied labels
  check-labels:
    needs:
      - labeler
    permissions:

    types: [opened, edited, reopened]

jobs:
  triage:
    runs-on: ubuntu-latest
    name: Label issues and pull requests
    steps:
      - name: check out
        uses: actions/checkout@v4

      - name: labeler
        uses: jinzhu/super-labeler-action@develop
        with:

## Key Patterns

### Actions (Controllers)
- Located in `app.web.*` or `app.web.admin.*`
- Methods with `@Execute` are web endpoints
- DI via `@Resource` annotation
- `HtmlResponse` for JSP, `JsonResponse` for APIs

### Services
- Business logic in `app.service.*`
- Injected into Actions
- Use behavior classes to access OpenSearch

### Helpers

    name: Go ${{ matrix.go-version }} on ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        go-version: [1.24.x]
        os: [ubuntu-latest]
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: ${{ matrix.go-version }}
          check-latest: true
      - name: Build on ${{ matrix.os }}
        if: matrix.os == 'ubuntu-latest'
        env:

permissions: {}

jobs:
  check-links:
    permissions:
      contents: read
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v6

      - name: Check links
        uses: lycheeverse/lychee-action@v2.7.0
        with:
          # excluded:
          # - notes.md and notes-templates.md - because they are a part of user guide

# limitations under the License.
# ============================================================================
version: 2
updates:
  - package-ecosystem: github-actions
    directory: /
    schedule:
      interval: monthly
    groups:
      github-actions:
        patterns:
          - "*"

  - package-ecosystem: docker
    directory: /ci/devinfra/docker_windows
    schedule:
      interval: monthly
    ignore:

on:
  pull_request_target:
  issues:
    types:
      - opened
      - reopened

jobs:
  add-to-project:
    name: Add to project
    runs-on: ubuntu-latest
    steps:
      - uses: actions/add-to-project@v1.0.2
        with:
          project-url: https://github.com/orgs/fastapi/projects/2