Build/release workflow (agalwood/Motrix)
The Build/release workflow from agalwood/Motrix, explained and optimized by Latchkey.
CI health: F - at risk
Run this on Latchkey for self-healing, caching, and up to 58% lower cost.
Grade your own workflow free or run it on Latchkey →What it does
This is the Build/release workflow from the agalwood/Motrix repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.
Below, Latchkey shows a faster, safer version produced by its optimization engine.
The workflow
name: Build/release
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
release:
runs-on: ${{ matrix.os }}
# Platforms to build on/for
strategy:
matrix:
os: [macos-latest, ubuntu-latest, windows-latest]
steps:
- name: Check out Git repository
uses: actions/checkout@v3
- name: Install Node.js, NPM and Yarn
uses: actions/setup-node@v3
with:
node-version: 18
- name: Install Snapcraft
uses: samuelmeuli/action-snapcraft@v2
# Only install Snapcraft on Ubuntu
if: startsWith(matrix.os, 'ubuntu')
env:
# Snapcraft
SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.snapcraft_token }}
- name: Test Snapcraft
if: startsWith(matrix.os, 'ubuntu')
run: snapcraft --help
- name: Build/release Electron app
uses: motrixapp/action-electron-builder@v2
with:
build_script_name: 'build:github'
# GitHub token, automatically provided to the action
# (No need to define this secret in the repo settings)
github_token: ${{ secrets.github_token }}
# macOS code signing certificate
mac_certs: ${{ secrets.mac_certs }}
mac_certs_password: ${{ secrets.mac_certs_password }}
# If the commit is tagged with a version (e.g. "v1.0.0"),
# release the app after building
release: ${{ vars.skip_publish != 'true' }}
env:
# Snapcraft
SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.snapcraft_token }}
# macOS notarization
TEAM_ID: ${{ secrets.team_id }}
APPLE_ID: ${{ secrets.apple_id }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.apple_app_specific_password }}
The same workflow, on Latchkey
Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.
name: Build/release on: push: branches: [ master ] pull_request: branches: [ master ] concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: release: timeout-minutes: 30 runs-on: ${{ matrix.os }} # Platforms to build on/for strategy: matrix: os: [macos-latest, ubuntu-latest, windows-latest] steps: - name: Check out Git repository uses: actions/checkout@v3 - name: Install Node.js, NPM and Yarn uses: actions/setup-node@v3 with: cache: 'npm' node-version: 18 - name: Install Snapcraft uses: samuelmeuli/action-snapcraft@v2 # Only install Snapcraft on Ubuntu if: startsWith(matrix.os, 'ubuntu') env: # Snapcraft SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.snapcraft_token }} - name: Test Snapcraft if: startsWith(matrix.os, 'ubuntu') run: snapcraft --help - name: Build/release Electron app uses: motrixapp/action-electron-builder@v2 with: build_script_name: 'build:github' # GitHub token, automatically provided to the action # (No need to define this secret in the repo settings) github_token: ${{ secrets.github_token }} # macOS code signing certificate mac_certs: ${{ secrets.mac_certs }} mac_certs_password: ${{ secrets.mac_certs_password }} # If the commit is tagged with a version (e.g. "v1.0.0"), # release the app after building release: ${{ vars.skip_publish != 'true' }} env: # Snapcraft SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.snapcraft_token }} # macOS notarization TEAM_ID: ${{ secrets.team_id }} APPLE_ID: ${{ secrets.apple_id }} APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.apple_app_specific_password }}
What changed
- Cancel superseded runs when a branch or PR gets a newer push.
- Cache dependency installs on the setup step so they are served from cache.
- Add a job timeout so a hung step cannot burn hours of runner time.
2 third-party actions are referenced by a movable tag. Pin them to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.
This workflow runs 1 job (3 with the matrix expanded) per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.