permissions: { }

jobs:
  code-owners-validation:
    permissions:
      contents: read
      id-token: write
    runs-on: ubuntu-latest
    steps:
      - name: Get Secrets
        uses: gradle/actions-internal/get-aws-secrets@v1
        if: (github.event_name != 'pull_request' && github.repository_owner == 'gradle') || github.event.pull_request.head.repo.full_name == github.repository
        with:

# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven

name: Java CI with Maven

on:
  push:
    branches:
    - master
    - "*.x"
  pull_request:
    branches:
    - master
    - "*.x"

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v2
    - name: Set up JDK 21

#       resources:
#         - 'arn:aws:s3:::example*/*'
#       actions:
#         - "s3:AbortMultipartUpload"
#         - "s3:GetObject"
#         - "s3:DeleteObject"
#         - "s3:PutObject"
#         - "s3:ListMultipartUploadParts"
#     - resources:
#         - 'arn:aws:s3:::example*'
#       actions:
#         - "s3:CreateBucket"
#         - "s3:DeleteBucket"

import org.codelibs.fess.exception.InvalidAccessTokenException;

/**
 * Abstract base class for admin API actions in Fess.
 * This class extends FessApiAction to provide admin-specific functionality
 * including enhanced access control for administrative operations.
 *
 * <p>Admin API actions require special permissions and access tokens
 * that are validated against the admin role configuration.</p>
 */

permissions:
  contents: read

jobs:
  stale:
    permissions:
      issues: write  # for actions/stale to close stale issues
      pull-requests: write  # for actions/stale to close stale PRs
    runs-on: ubuntu-latest
    env:
      ACTIONS_STEP_DEBUG: true
    steps:
    - name: Close Stale Issues
      uses: actions/stale@v8
      with:
        repo-token: ${{ secrets.GITHUB_TOKEN }}

    permissions:
      contents: read
      issues: write
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v6
        with:
          fetch-depth: 0
      - name: Set up JDK 17
        uses: actions/setup-java@v5
        with:
          distribution: 'temurin'
          java-version: '17'
      - name: Install Groovy
        run: sudo apt-get install groovy

      - name: Clean repository
        shell: bash
        run: find /home/ubuntu/actions-runner/_work/tensorflow/tensorflow/. -name . -o -prune -exec sudo rm -rf -- {} + || true
      - name: Checkout repository for nightly (skipped for releases)
        if: ${{ github.event_name == 'schedule' }}
        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
        with:
          ref: 'nightly'

```

Description of the configuration parameters used above -

- `policies[].name` - name of the policy to create, must be a string with length > 0
- `policies[].statements[]` - list of statements, includes actions and resources

    if not updated:
        logging.info("The data hasn't changed, finishing.")
        return

    logging.info("Setting up GitHub Actions git user")
    subprocess.run(["git", "config", "user.name", "github-actions[bot]"], check=True)
    subprocess.run(
        ["git", "config", "user.email", "github-actions[bot]@users.noreply.github.com"],
        check=True,
    )
    branch_name = f"fastapi-people-sponsors-{secrets.token_hex(4)}"

        logging.info("The data hasn't changed, finishing.")
        return

    logging.info("Setting up GitHub Actions git user")
    subprocess.run(["git", "config", "user.name", "github-actions[bot]"], check=True)
    subprocess.run(
        ["git", "config", "user.email", "github-actions[bot]@users.noreply.github.com"],
        check=True,
    )
    branch_name = f"fastapi-people-contributors-{secrets.token_hex(4)}"