Publish-Currencies workflow (fawazahmed0/exchange-api)
The Publish-Currencies workflow from fawazahmed0/exchange-api, explained and optimized by Latchkey.
CI health: C - fair
Point runs-on at Latchkey and get caching, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.
What it does
This is the Publish-Currencies workflow from the fawazahmed0/exchange-api repository, a real project running GitHub Actions. It is shown here with attribution under its CC0-1.0 license.
Below, Latchkey shows a faster, safer version produced by its optimization engine.
The workflow
name: Publish-Currencies
# Controls when the action will run. Triggers the workflow on push or pull request
# events but only for branch 1 and on start directory, command.txt file changes or by manually running the workflow from actions tab
on:
schedule:
- cron: '0 0 * * *' # every day at midnight
workflow_dispatch:
permissions: write-all
env: # Or as an environment variable
currlink: ${{ secrets.CURRLINK }}
currlink2: ${{ secrets.CURRLINK2 }}
currlink3: ${{ secrets.CURRLINK3 }}
currlink3key: ${{ secrets.CURRLINK3KEY }}
cryptolink: ${{ secrets.CRYPTOLINK }}
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: '25.2.1'
registry-url: 'https://registry.npmjs.org'
- name: Install Dependencies
run: |
sudo apt-get update -y
sudo apt-get install swapspace -y
npm i
npx playwright install --with-deps
- name: Running the command
id: run-command
continue-on-error: true
run: node currscript.js
- name: Rerun the command if previous failed
if: ${{ steps.run-command.outcome == 'failure' }}
run: node currscript.js
- name: Set date today
run: |
echo "date_today=`date -uI`" >> "$GITHUB_ENV"
echo "date_today_semver=`node semver-date.js`" >> "$GITHUB_ENV"
- name: Generate tarball
run: |
7z a package.tar package -ttar
7z a package.tar.gz package.tar -tgzip -mx=9 -aoa -mfb=258 -mmt=on
- name: publish
run: |
npm publish --access public package.tar.gz
- name: Deploy to cloudflare
uses: cloudflare/wrangler-action@v3
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
command: |
pages deploy --project-name=currency-api package
pages deploy --project-name=currency-api --branch=latest package
pages deploy --project-name=currency-api --branch=${{ env.date_today }} package
- name: Add dist tag
run: |
npm dist-tag add @fawazahmed0/currency-api@${{ env.date_today_semver }} ${{ env.date_today }}
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
# - name: unpublish older version
# run: npm unpublish @fawazahmed0/currency-api@`date -d "94 days ago" -I | tr '-' '.'`
# env:
# NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
The same workflow, on Latchkey
Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.
name: Publish-Currencies # Controls when the action will run. Triggers the workflow on push or pull request # events but only for branch 1 and on start directory, command.txt file changes or by manually running the workflow from actions tab on: schedule: - cron: '0 0 * * *' # every day at midnight workflow_dispatch: permissions: write-all env: # Or as an environment variable currlink: ${{ secrets.CURRLINK }} currlink2: ${{ secrets.CURRLINK2 }} currlink3: ${{ secrets.CURRLINK3 }} currlink3key: ${{ secrets.CURRLINK3KEY }} cryptolink: ${{ secrets.CRYPTOLINK }} # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: # This workflow contains a single job called "build" build: timeout-minutes: 30 # The type of runner that the job will run on runs-on: latchkey-small # Steps represent a sequence of tasks that will be executed as part of the job steps: - uses: actions/checkout@v6 - uses: actions/setup-node@v6 with: cache: 'npm' node-version: '25.2.1' registry-url: 'https://registry.npmjs.org' - name: Install Dependencies run: | sudo apt-get update -y sudo apt-get install swapspace -y npm i npx playwright install --with-deps - name: Running the command id: run-command continue-on-error: true run: node currscript.js - name: Rerun the command if previous failed if: ${{ steps.run-command.outcome == 'failure' }} run: node currscript.js - name: Set date today run: | echo "date_today=`date -uI`" >> "$GITHUB_ENV" echo "date_today_semver=`node semver-date.js`" >> "$GITHUB_ENV" - name: Generate tarball run: | 7z a package.tar package -ttar 7z a package.tar.gz package.tar -tgzip -mx=9 -aoa -mfb=258 -mmt=on - name: publish run: | npm publish --access public package.tar.gz - name: Deploy to cloudflare uses: cloudflare/wrangler-action@v3 with: apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} command: | pages deploy --project-name=currency-api package pages deploy --project-name=currency-api --branch=latest package pages deploy --project-name=currency-api --branch=${{ env.date_today }} package - name: Add dist tag run: | npm dist-tag add @fawazahmed0/currency-api@${{ env.date_today_semver }} ${{ env.date_today }} env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} # - name: unpublish older version # run: npm unpublish @fawazahmed0/currency-api@`date -d "94 days ago" -I | tr '-' '.'` # env: # NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
What changed
- Run on Latchkey managed runners with one line (
runs-on), which apply the fixes below automatically and self-heal transient failures. This example useslatchkey-small; pick the runner size that fits the job. - Cache dependency installs on the setup step so they are served from cache.
- Add a job timeout so a hung step cannot burn hours of runner time.
1 third-party action is referenced by a movable tag. Pin it to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.
What Latchkey heals here
This workflow has steps that commonly fail on transient issues (network, registries, flaky browsers). On Latchkey managed runners they are detected, retried, and self-healed instead of failing your build:
- Dependency installs
- End-to-end and browser tests
This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.