Skip to content
Latchkey

CI workflow (dominikh/go-tools)

The CI workflow from dominikh/go-tools, explained and optimized by Latchkey.

C

CI health: C - fair

Run this on Latchkey for self-healing, caching, and up to 58% lower cost.

Grade your own workflow free or run it on Latchkey →
Source: dominikh/go-tools.github/workflows/ci.ymlLicense MITView source

What it does

This is the CI workflow from the dominikh/go-tools repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
name: "CI"
on: ["push", "pull_request"]
permissions: {}

jobs:
  ci:
    name: "Run CI"
    strategy:
      fail-fast: false
      matrix:
        os: ["windows-latest", "ubuntu-latest", "macOS-latest"]
        go: ["1.26", "1.27.0-rc.1"]
        godebug: [""]
    runs-on: ${{ matrix.os }}
    steps:
    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      with:
        fetch-depth: 1
        persist-credentials: false
    - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
      with:
        go-version: ${{ matrix.go }}
    - run: "go test ./..."
      env:
        GODEBUG: ${{ matrix.godebug }}
    - run: "go vet ./..."
    - uses: dominikh/staticcheck-action@9716614d4101e79b4340dd97b10e54d68234e431 # v1.4.1
      with:
        version: "master"
        min-go-version: "module"
        install-go: false
        cache-key: ${{ matrix.go }}
        output-format: binary
        output-file: "./staticcheck.bin"
    - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
      with:
        name: "staticcheck-${{ github.sha }}-${{ matrix.go }}-${{ matrix.os }}-${{ matrix.godebug }}.bin"
        path: "./staticcheck.bin"
        retention-days: 1
        if-no-files-found: warn
  output:
    name: "Output Staticcheck findings"
    needs: ci
    runs-on: "ubuntu-latest"
    steps:
    - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
      with:
        go-version: "stable"
    # this downloads all artifacts of the current workflow into the current working directory, creating one directory per artifact
    - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
    - id: glob
      run: |
        # We replace newlines with %0A, which GitHub apparently magically turns back into newlines
        out=$(ls -1 ./staticcheck-*.bin/*.bin)
        echo "::set-output name=files::${out//$'\n'/%0A}"
    - uses: dominikh/staticcheck-action@9716614d4101e79b4340dd97b10e54d68234e431 # v1.4.1
      with:
        install-go: false
        version: "master"
        merge-files: ${{ steps.glob.outputs.files }}

The same workflow, on Latchkey

Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.

name: "CI"
on: ["push", "pull_request"]
permissions: {}
 
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 
jobs:
  ci:
    timeout-minutes: 30
    name: "Run CI"
    strategy:
      fail-fast: false
      matrix:
        os: ["windows-latest", "ubuntu-latest", "macOS-latest"]
        go: ["1.26", "1.27.0-rc.1"]
        godebug: [""]
    runs-on: ${{ matrix.os }}
    steps:
    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      with:
        fetch-depth: 1
        persist-credentials: false
    - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
      with:
        go-version: ${{ matrix.go }}
    - run: "go test ./..."
      env:
        GODEBUG: ${{ matrix.godebug }}
    - run: "go vet ./..."
    - uses: dominikh/staticcheck-action@9716614d4101e79b4340dd97b10e54d68234e431 # v1.4.1
      with:
        version: "master"
        min-go-version: "module"
        install-go: false
        cache-key: ${{ matrix.go }}
        output-format: binary
        output-file: "./staticcheck.bin"
    - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
      with:
        name: "staticcheck-${{ github.sha }}-${{ matrix.go }}-${{ matrix.os }}-${{ matrix.godebug }}.bin"
        path: "./staticcheck.bin"
        retention-days: 1
        if-no-files-found: warn
  output:
    timeout-minutes: 30
    name: "Output Staticcheck findings"
    needs: ci
    runs-on: "ubuntu-latest"
    steps:
    - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
      with:
        go-version: "stable"
    # this downloads all artifacts of the current workflow into the current working directory, creating one directory per artifact
    - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
    - id: glob
      run: |
        # We replace newlines with %0A, which GitHub apparently magically turns back into newlines
        out=$(ls -1 ./staticcheck-*.bin/*.bin)
        echo "::set-output name=files::${out//$'\n'/%0A}"
    - uses: dominikh/staticcheck-action@9716614d4101e79b4340dd97b10e54d68234e431 # v1.4.1
      with:
        install-go: false
        version: "master"
        merge-files: ${{ steps.glob.outputs.files }}
 

What changed

This workflow runs 2 jobs (7 with the matrix expanded) per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow