Skip to content
Latchkey

Upload Release Asset workflow (FiloSottile/mkcert)

The Upload Release Asset workflow from FiloSottile/mkcert, explained and optimized by Latchkey.

A

CI health: A - excellent

Point runs-on at Latchkey and get job timeouts, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: FiloSottile/mkcert.github/workflows/release.ymlLicense BSD-3-ClauseView source

What it does

This is the Upload Release Asset workflow from the FiloSottile/mkcert repository, a real project running GitHub Actions. It is shown here with attribution under its BSD-3-Clause license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
on:
  release:
    types: [published]
name: Upload Release Asset
jobs:
  release:
    name: Upload Release Asset
    runs-on: ubuntu-latest
    steps:
      - name: Install Go
        uses: actions/setup-go@v2
        with:
          go-version: 1.x
      - name: Checkout repository
        uses: actions/checkout@v2
      - name: Build binaries
        run: |
          CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-linux-amd64" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=6 go build -o "mkcert-$(git describe --tags)-linux-arm" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o "mkcert-$(git describe --tags)-linux-arm64" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-darwin-amd64" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -o "mkcert-$(git describe --tags)-darwin-arm64" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-windows-amd64.exe" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=windows GOARCH=arm64 go build -o "mkcert-$(git describe --tags)-windows-arm64.exe" -ldflags "-X main.Version=$(git describe --tags)"
      - name: Upload release artifacts
        uses: actions/github-script@v3
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const fs = require("fs").promises;
            const { repo: { owner, repo }, sha } = context;

            const release = await github.repos.getReleaseByTag({
              owner, repo,
              tag: process.env.GITHUB_REF.replace("refs/tags/", ""),
            });
            console.log("Release:", { release });

            for (let file of await fs.readdir(".")) {
              if (!file.startsWith("mkcert-")) continue;
              console.log("Uploading", file);
              await github.repos.uploadReleaseAsset({
                owner, repo,
                release_id: release.data.id,
                name: file,
                data: await fs.readFile(file),
              });
            }

The same workflow, on Latchkey

Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.

on:
  release:
    types: [published]
name: Upload Release Asset
jobs:
  release:
    timeout-minutes: 30
    name: Upload Release Asset
    runs-on: latchkey-small
    steps:
      - name: Install Go
        uses: actions/setup-go@v2
        with:
          go-version: 1.x
      - name: Checkout repository
        uses: actions/checkout@v2
      - name: Build binaries
        run: |
          CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-linux-amd64" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=6 go build -o "mkcert-$(git describe --tags)-linux-arm" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o "mkcert-$(git describe --tags)-linux-arm64" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-darwin-amd64" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -o "mkcert-$(git describe --tags)-darwin-arm64" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-windows-amd64.exe" -ldflags "-X main.Version=$(git describe --tags)"
          CGO_ENABLED=0 GOOS=windows GOARCH=arm64 go build -o "mkcert-$(git describe --tags)-windows-arm64.exe" -ldflags "-X main.Version=$(git describe --tags)"
      - name: Upload release artifacts
        uses: actions/github-script@v3
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const fs = require("fs").promises;
            const { repo: { owner, repo }, sha } = context;
 
            const release = await github.repos.getReleaseByTag({
              owner, repo,
              tag: process.env.GITHUB_REF.replace("refs/tags/", ""),
            });
            console.log("Release:", { release });
 
            for (let file of await fs.readdir(".")) {
              if (!file.startsWith("mkcert-")) continue;
              console.log("Uploading", file);
              await github.repos.uploadReleaseAsset({
                owner, repo,
                release_id: release.data.id,
                name: file,
                data: await fs.readFile(file),
              });
            }
 

What changed

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow