Release Version workflow (bytedance/xgplayer)
The Release Version workflow from bytedance/xgplayer, explained and optimized by Latchkey.
CI health: C - fair
Point runs-on at Latchkey and get run de-duplication, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.
What it does
This is the Release Version workflow from the bytedance/xgplayer repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.
Below, Latchkey shows a faster, safer version produced by its optimization engine.
The workflow
name: Release Version
# Publish npm packages based on git tags (v*)
on:
push:
tags: ["v*"]
jobs:
build:
if: github.repository == 'bytedance/xgplayer'
runs-on: ubuntu-latest
environment: release
permissions:
contents: read
id-token: write
outputs:
tag: ${{ steps.extract_tag.outputs.result }}
is_stable: ${{ steps.release_meta.outputs.is_stable }}
steps:
- name: Extract tag
id: extract_tag
uses: actions/github-script@v7
with:
script: |
const prefix = 'refs/tags/';
const ref = context.ref;
if (!ref.startsWith(prefix)) {
throw new Error('Invalid ref: not a tag');
}
return ref.substring(prefix.length);
result-encoding: string
- name: Determine release mode
id: release_meta
uses: actions/github-script@v7
env:
TAG: ${{ steps.extract_tag.outputs.result }}
with:
script: |
const isStable = /^v\d+\.\d+\.\d+$/.test(process.env.TAG);
core.setOutput('is_stable', String(isStable));
core.notice(`Release mode for ${process.env.TAG}: ${isStable ? 'stable' : 'prerelease'}`);
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Node environment
uses: ./.github/actions/setup-node-env
- name: Set package version
run: |
zx scripts/workflow/set-package-version.mjs
env:
TAG: ${{ steps.extract_tag.outputs.result }}
- name: Build packages
run: |
yarn build:all
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: build
path: |
packages/*/dist/**
packages/*/es/**
packages/*/package.json
package.json
retention-days: 7
release_npm:
if: github.repository == 'bytedance/xgplayer'
permissions:
id-token: write
needs: [build]
environment: release
runs-on: ubuntu-latest
steps:
- name: Checkout tag
uses: actions/checkout@v4
with:
ref: ${{ github.ref }}
- name: Setup Node environment
uses: ./.github/actions/setup-node-env
with:
registry-url: 'https://registry.npmjs.org'
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: build
- name: Publish to npm
run: |
zx scripts/workflow/npm-publish.mjs
env:
NPM_CONFIG_PROVENANCE: true
release_github:
if: github.repository == 'bytedance/xgplayer'
permissions:
contents: write
needs: [build, release_npm]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Create GitHub Release
uses: actions/github-script@v7
env:
TAG: ${{ needs.build.outputs.tag }}
IS_STABLE: ${{ needs.build.outputs.is_stable }}
with:
script: |
const createGitHubRelease = require('./scripts/workflow/create-github-release');
await createGitHubRelease({
github,
context,
core,
tag: process.env.TAG,
isStable: process.env.IS_STABLE === 'true'
});
commit_to_main:
permissions:
contents: write
if: github.repository == 'bytedance/xgplayer' && needs.build.outputs.is_stable == 'true'
needs: [build, release_npm, release_github]
runs-on: ubuntu-latest
steps:
- name: Checkout main branch
uses: actions/checkout@v4
with:
ref: main
fetch-depth: 0
- name: Cache node_modules
uses: actions/cache@v4
with:
path: node_modules
key: ${{ runner.os }}-deps-${{ hashFiles('**/package.json', '**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-deps-
${{ runner.os }}-
- name: Setup Git
run: |
git config --global user.name "${{ github.actor }}"
git config --global user.email "${{ github.actor }}@users.noreply.github.com"
- name: Setup Node environment
uses: ./.github/actions/setup-node-env
- name: Apply version changes
run: |
zx scripts/workflow/set-package-version.mjs
env:
TAG: ${{ needs.build.outputs.tag }}
- name: Commit and push to main
uses: EndBug/add-and-commit@v9
with:
add: "."
default_author: github_actor
fetch: true
push: 'origin HEAD:main'
message: 'chore(release): release version ${{ needs.build.outputs.tag }}'
release_summary:
if: always() && github.repository == 'bytedance/xgplayer'
needs: [build, release_npm, release_github, commit_to_main]
runs-on: ubuntu-latest
steps:
- name: Generate release summary
run: |
VERSION="${{ needs.build.outputs.tag }}"
IS_STABLE="${{ needs.build.outputs.is_stable }}"
BUILD_STATUS="${{ needs.build.result }}"
RELEASE_STATUS="${{ needs.release_npm.result }}"
GITHUB_RELEASE_STATUS="${{ needs.release_github.result }}"
MAIN_COMMIT_STATUS="${{ needs.commit_to_main.result }}"
BUILD_BADGE=$([ "$BUILD_STATUS" = "success" ] && echo "✅" || echo "❌")
RELEASE_BADGE=$([ "$RELEASE_STATUS" = "success" ] && echo "✅" || echo "❌")
GITHUB_RELEASE_BADGE=$([ "$GITHUB_RELEASE_STATUS" = "success" ] && echo "✅" || echo "❌")
if [ "$MAIN_COMMIT_STATUS" = "success" ]; then
MAIN_COMMIT_BADGE="✅"
elif [ "$MAIN_COMMIT_STATUS" = "skipped" ]; then
MAIN_COMMIT_BADGE="⏭️"
else
MAIN_COMMIT_BADGE="❌"
fi
RELEASE_MODE=$([ "$IS_STABLE" = "true" ] && echo "stable" || echo "prerelease")
{
echo "# 🎉 Release Summary"
echo ""
echo "## Version Information"
echo "| Field | Value |"
echo "|-------|-------|"
echo "| Version | \`$VERSION\` |"
echo "| Tag | \`${{ github.ref }}\` |"
echo "| Release Mode | \`$RELEASE_MODE\` |"
echo "| Commit | [\`${{ github.sha }}\`](https://github.com/${{ github.repository }}/commit/${{ github.sha }}) |"
echo ""
echo "## Workflow Status"
echo "| Step | Status |"
echo "|------|--------|"
echo "| Build | $BUILD_BADGE $BUILD_STATUS |"
echo "| NPM Release | $RELEASE_BADGE $RELEASE_STATUS |"
echo "| GitHub Release | $GITHUB_RELEASE_BADGE $GITHUB_RELEASE_STATUS |"
echo "| Commit To Main | $MAIN_COMMIT_BADGE $MAIN_COMMIT_STATUS |"
echo ""
echo "## Links"
echo "- 📦 [View on NPM](https://www.npmjs.com/search?q=%40xgplayer)"
echo "- 🏷️ [View GitHub Release](https://github.com/${{ github.repository }}/releases/tag/$VERSION)"
echo "- 🔗 [Workflow Run](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})"
echo ""
echo "*Auto-generated by GitHub Actions*"
} >> $GITHUB_STEP_SUMMARY
if [ "$BUILD_STATUS" != "success" ] || [ "$RELEASE_STATUS" != "success" ] || [ "$GITHUB_RELEASE_STATUS" != "success" ]; then
exit 1
fi
if [ "$IS_STABLE" = "true" ] && [ "$MAIN_COMMIT_STATUS" != "success" ]; then
exit 1
fi
The same workflow, on Latchkey
Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.
name: Release Version # Publish npm packages based on git tags (v*) on: push: tags: ["v*"] concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: build: timeout-minutes: 30 if: github.repository == 'bytedance/xgplayer' runs-on: latchkey-small environment: release permissions: contents: read id-token: write outputs: tag: ${{ steps.extract_tag.outputs.result }} is_stable: ${{ steps.release_meta.outputs.is_stable }} steps: - name: Extract tag id: extract_tag uses: actions/github-script@v7 with: script: | const prefix = 'refs/tags/'; const ref = context.ref; if (!ref.startsWith(prefix)) { throw new Error('Invalid ref: not a tag'); } return ref.substring(prefix.length); result-encoding: string - name: Determine release mode id: release_meta uses: actions/github-script@v7 env: TAG: ${{ steps.extract_tag.outputs.result }} with: script: | const isStable = /^v\d+\.\d+\.\d+$/.test(process.env.TAG); core.setOutput('is_stable', String(isStable)); core.notice(`Release mode for ${process.env.TAG}: ${isStable ? 'stable' : 'prerelease'}`); - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 0 - name: Setup Node environment uses: ./.github/actions/setup-node-env - name: Set package version run: | zx scripts/workflow/set-package-version.mjs env: TAG: ${{ steps.extract_tag.outputs.result }} - name: Build packages run: | yarn build:all - name: Upload build artifacts uses: actions/upload-artifact@v4 with: name: build path: | packages/*/dist/** packages/*/es/** packages/*/package.json package.json retention-days: 7 release_npm: timeout-minutes: 30 if: github.repository == 'bytedance/xgplayer' permissions: id-token: write needs: [build] environment: release runs-on: latchkey-small steps: - name: Checkout tag uses: actions/checkout@v4 with: ref: ${{ github.ref }} - name: Setup Node environment uses: ./.github/actions/setup-node-env with: registry-url: 'https://registry.npmjs.org' - name: Download build artifacts uses: actions/download-artifact@v4 with: name: build - name: Publish to npm run: | zx scripts/workflow/npm-publish.mjs env: NPM_CONFIG_PROVENANCE: true release_github: timeout-minutes: 30 if: github.repository == 'bytedance/xgplayer' permissions: contents: write needs: [build, release_npm] runs-on: latchkey-small steps: - name: Checkout code uses: actions/checkout@v4 - name: Create GitHub Release uses: actions/github-script@v7 env: TAG: ${{ needs.build.outputs.tag }} IS_STABLE: ${{ needs.build.outputs.is_stable }} with: script: | const createGitHubRelease = require('./scripts/workflow/create-github-release'); await createGitHubRelease({ github, context, core, tag: process.env.TAG, isStable: process.env.IS_STABLE === 'true' }); commit_to_main: timeout-minutes: 30 permissions: contents: write if: github.repository == 'bytedance/xgplayer' && needs.build.outputs.is_stable == 'true' needs: [build, release_npm, release_github] runs-on: latchkey-small steps: - name: Checkout main branch uses: actions/checkout@v4 with: ref: main fetch-depth: 0 - name: Cache node_modules uses: actions/cache@v4 with: path: node_modules key: ${{ runner.os }}-deps-${{ hashFiles('**/package.json', '**/yarn.lock') }} restore-keys: | ${{ runner.os }}-deps- ${{ runner.os }}- - name: Setup Git run: | git config --global user.name "${{ github.actor }}" git config --global user.email "${{ github.actor }}@users.noreply.github.com" - name: Setup Node environment uses: ./.github/actions/setup-node-env - name: Apply version changes run: | zx scripts/workflow/set-package-version.mjs env: TAG: ${{ needs.build.outputs.tag }} - name: Commit and push to main uses: EndBug/add-and-commit@v9 with: add: "." default_author: github_actor fetch: true push: 'origin HEAD:main' message: 'chore(release): release version ${{ needs.build.outputs.tag }}' release_summary: timeout-minutes: 30 if: always() && github.repository == 'bytedance/xgplayer' needs: [build, release_npm, release_github, commit_to_main] runs-on: latchkey-small steps: - name: Generate release summary run: | VERSION="${{ needs.build.outputs.tag }}" IS_STABLE="${{ needs.build.outputs.is_stable }}" BUILD_STATUS="${{ needs.build.result }}" RELEASE_STATUS="${{ needs.release_npm.result }}" GITHUB_RELEASE_STATUS="${{ needs.release_github.result }}" MAIN_COMMIT_STATUS="${{ needs.commit_to_main.result }}" BUILD_BADGE=$([ "$BUILD_STATUS" = "success" ] && echo "✅" || echo "❌") RELEASE_BADGE=$([ "$RELEASE_STATUS" = "success" ] && echo "✅" || echo "❌") GITHUB_RELEASE_BADGE=$([ "$GITHUB_RELEASE_STATUS" = "success" ] && echo "✅" || echo "❌") if [ "$MAIN_COMMIT_STATUS" = "success" ]; then MAIN_COMMIT_BADGE="✅" elif [ "$MAIN_COMMIT_STATUS" = "skipped" ]; then MAIN_COMMIT_BADGE="⏭️" else MAIN_COMMIT_BADGE="❌" fi RELEASE_MODE=$([ "$IS_STABLE" = "true" ] && echo "stable" || echo "prerelease") { echo "# 🎉 Release Summary" echo "" echo "## Version Information" echo "| Field | Value |" echo "|-------|-------|" echo "| Version | \`$VERSION\` |" echo "| Tag | \`${{ github.ref }}\` |" echo "| Release Mode | \`$RELEASE_MODE\` |" echo "| Commit | [\`${{ github.sha }}\`](https://github.com/${{ github.repository }}/commit/${{ github.sha }}) |" echo "" echo "## Workflow Status" echo "| Step | Status |" echo "|------|--------|" echo "| Build | $BUILD_BADGE $BUILD_STATUS |" echo "| NPM Release | $RELEASE_BADGE $RELEASE_STATUS |" echo "| GitHub Release | $GITHUB_RELEASE_BADGE $GITHUB_RELEASE_STATUS |" echo "| Commit To Main | $MAIN_COMMIT_BADGE $MAIN_COMMIT_STATUS |" echo "" echo "## Links" echo "- 📦 [View on NPM](https://www.npmjs.com/search?q=%40xgplayer)" echo "- 🏷️ [View GitHub Release](https://github.com/${{ github.repository }}/releases/tag/$VERSION)" echo "- 🔗 [Workflow Run](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})" echo "" echo "*Auto-generated by GitHub Actions*" } >> $GITHUB_STEP_SUMMARY if [ "$BUILD_STATUS" != "success" ] || [ "$RELEASE_STATUS" != "success" ] || [ "$GITHUB_RELEASE_STATUS" != "success" ]; then exit 1 fi if [ "$IS_STABLE" = "true" ] && [ "$MAIN_COMMIT_STATUS" != "success" ]; then exit 1 fi
What changed
- Run on Latchkey managed runners with one line (
runs-on), which apply the fixes below automatically and self-heal transient failures. This example useslatchkey-small; pick the runner size that fits the job. - Cancel superseded runs when a branch or PR gets a newer push.
- Add a job timeout so a hung step cannot burn hours of runner time.
1 third-party action is referenced by a movable tag. Pin it to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.
This workflow runs 5 jobs per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.