Skip to content
Latchkey

Build/release workflow (agalwood/Motrix)

The Build/release workflow from agalwood/Motrix, explained and optimized by Latchkey.

F

CI health: F - at risk

Run this on Latchkey for self-healing, caching, and up to 58% lower cost.

Grade your own workflow free or run it on Latchkey →
Source: agalwood/Motrix.github/workflows/release.ymlLicense MITView source

What it does

This is the Build/release workflow from the agalwood/Motrix repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
name: Build/release

on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]

jobs:
  release:
    runs-on: ${{ matrix.os }}

    # Platforms to build on/for
    strategy:
      matrix:
        os: [macos-latest, ubuntu-latest, windows-latest]

    steps:
      - name: Check out Git repository
        uses: actions/checkout@v3

      - name: Install Node.js, NPM and Yarn
        uses: actions/setup-node@v3
        with:
          node-version: 18

      - name: Install Snapcraft
        uses: samuelmeuli/action-snapcraft@v2
        # Only install Snapcraft on Ubuntu
        if: startsWith(matrix.os, 'ubuntu')
        env:
          # Snapcraft
          SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.snapcraft_token }}

      - name: Test Snapcraft
        if: startsWith(matrix.os, 'ubuntu')
        run: snapcraft --help

      - name: Build/release Electron app
        uses: motrixapp/action-electron-builder@v2
        with:
          build_script_name: 'build:github'
          # GitHub token, automatically provided to the action
          # (No need to define this secret in the repo settings)
          github_token: ${{ secrets.github_token }}

          # macOS code signing certificate
          mac_certs: ${{ secrets.mac_certs }}
          mac_certs_password: ${{ secrets.mac_certs_password }}

          # If the commit is tagged with a version (e.g. "v1.0.0"),
          # release the app after building
          release: ${{ vars.skip_publish != 'true' }}
        env:
          # Snapcraft
          SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.snapcraft_token }}
          # macOS notarization
          TEAM_ID: ${{ secrets.team_id }}
          APPLE_ID: ${{ secrets.apple_id }}
          APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.apple_app_specific_password }}

The same workflow, on Latchkey

Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.

name: Build/release
 
on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
 
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 
jobs:
  release:
    timeout-minutes: 30
    runs-on: ${{ matrix.os }}
 
    # Platforms to build on/for
    strategy:
      matrix:
        os: [macos-latest, ubuntu-latest, windows-latest]
 
    steps:
      - name: Check out Git repository
        uses: actions/checkout@v3
 
      - name: Install Node.js, NPM and Yarn
        uses: actions/setup-node@v3
        with:
          cache: 'npm'
          node-version: 18
 
      - name: Install Snapcraft
        uses: samuelmeuli/action-snapcraft@v2
        # Only install Snapcraft on Ubuntu
        if: startsWith(matrix.os, 'ubuntu')
        env:
          # Snapcraft
          SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.snapcraft_token }}
 
      - name: Test Snapcraft
        if: startsWith(matrix.os, 'ubuntu')
        run: snapcraft --help
 
      - name: Build/release Electron app
        uses: motrixapp/action-electron-builder@v2
        with:
          build_script_name: 'build:github'
          # GitHub token, automatically provided to the action
          # (No need to define this secret in the repo settings)
          github_token: ${{ secrets.github_token }}
 
          # macOS code signing certificate
          mac_certs: ${{ secrets.mac_certs }}
          mac_certs_password: ${{ secrets.mac_certs_password }}
 
          # If the commit is tagged with a version (e.g. "v1.0.0"),
          # release the app after building
          release: ${{ vars.skip_publish != 'true' }}
        env:
          # Snapcraft
          SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.snapcraft_token }}
          # macOS notarization
          TEAM_ID: ${{ secrets.team_id }}
          APPLE_ID: ${{ secrets.apple_id }}
          APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.apple_app_specific_password }}
 

What changed

2 third-party actions are referenced by a movable tag. Pin them to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.

This workflow runs 1 job (3 with the matrix expanded) per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow