Skip to content
Latchkey

Release workflow (gosling-lang/gos)

The Release workflow from gosling-lang/gos, explained and optimized by Latchkey.

C

CI health: C - fair

Point runs-on at Latchkey and get run de-duplication, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: gosling-lang/gos.github/workflows/release.ymlLicense MITView source

What it does

This is the Release workflow from the gosling-lang/gos repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
name: Release

on:
  push:
    tags:
      - "v*"
  workflow_dispatch:

jobs:

  Release:
    runs-on: ubuntu-latest
    permissions:
      # IMPORTANT: this permission is mandatory for trusted publishing
      id-token: write
      # Necessary for changelogithub to publish releases automatically
      contents: write
    if: startsWith(github.ref, 'refs/tags/')
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - uses: denoland/setup-deno@v2
        with:
          deno-version: v2.x
      - uses: astral-sh/setup-uv@v5

      - run: uv build

      - name: Publish distribution 📦 to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1

The same workflow, on Latchkey

Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.

name: Release
 
on:
  push:
    tags:
      - "v*"
  workflow_dispatch:
 
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 
jobs:
 
  Release:
    timeout-minutes: 30
    runs-on: latchkey-small
    permissions:
      # IMPORTANT: this permission is mandatory for trusted publishing
      id-token: write
      # Necessary for changelogithub to publish releases automatically
      contents: write
    if: startsWith(github.ref, 'refs/tags/')
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - uses: denoland/setup-deno@v2
        with:
          deno-version: v2.x
      - uses: astral-sh/setup-uv@v5
 
      - run: uv build
 
      - name: Publish distribution 📦 to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1
 

What changed

3 third-party actions are referenced by a movable tag. Pin them to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow