Skip to content
Latchkey

Publish Stable Source Archive workflow (grpc/grpc-web)

The Publish Stable Source Archive workflow from grpc/grpc-web, explained and optimized by Latchkey.

A

CI health: A - excellent

Point runs-on at Latchkey and get job timeouts, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: grpc/grpc-web.github/workflows/release-source-archive.ymlLicense Apache-2.0View source

What it does

This is the Publish Stable Source Archive workflow from the grpc/grpc-web repository, a real project running GitHub Actions. It is shown here with attribution under its Apache-2.0 license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
name: Publish Stable Source Archive

on:
  release:
    types: [published]

jobs:
  # Whenever a release is published, this uploads an accompanying stable source archive.
  #
  # Github doesn't guarantee stability of source archives for more than 6 months[1].
  # More stability is required by projects like Bazel Central Registry[2][3].
  #
  # [1]: https://github.blog/open-source/git/update-on-the-future-stability-of-source-code-archives-and-hashes/
  # [2]: https://github.com/bazelbuild/bazel-central-registry/blob/main/docs/README.md#validations
  # [3]: https://blog.bazel.build/2023/02/15/github-archive-checksum.html
  bazel-release-archive:
    defaults:
        run:
          # https://vaneyckt.io/posts/safer_bash_scripts_with_set_euxo_pipefail/
          shell: /usr/bin/bash -euxo pipefail {0}
    env:
      # github.ref_name is defined here:
      # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/accessing-contextual-information-about-workflow-runs#github-context
      TAG: ${{github.ref_name}}
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@v3
      # GITHUB_REF is defined here:
      # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables
      - run: git archive --format zip    --prefix "grpc-web-$TAG/" --output "grpc-web-source-${TAG}.zip"    "$GITHUB_REF"
      - run: git archive --format tar.gz --prefix "grpc-web-$TAG/" --output "grpc-web-source-${TAG}.tar.gz" "$GITHUB_REF"
      - run: gh release upload "${TAG}" "grpc-web-source-${TAG}.zip" "grpc-web-source-${TAG}.tar.gz"
        env:
          GH_TOKEN: ${{ github.token }}

The same workflow, on Latchkey

Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.

name: Publish Stable Source Archive
 
on:
  release:
    types: [published]
 
jobs:
  # Whenever a release is published, this uploads an accompanying stable source archive.
  #
  # Github doesn't guarantee stability of source archives for more than 6 months[1].
  # More stability is required by projects like Bazel Central Registry[2][3].
  #
  # [1]: https://github.blog/open-source/git/update-on-the-future-stability-of-source-code-archives-and-hashes/
  # [2]: https://github.com/bazelbuild/bazel-central-registry/blob/main/docs/README.md#validations
  # [3]: https://blog.bazel.build/2023/02/15/github-archive-checksum.html
  bazel-release-archive:
    timeout-minutes: 30
    defaults:
        run:
          # https://vaneyckt.io/posts/safer_bash_scripts_with_set_euxo_pipefail/
          shell: /usr/bin/bash -euxo pipefail {0}
    env:
      # github.ref_name is defined here:
      # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/accessing-contextual-information-about-workflow-runs#github-context
      TAG: ${{github.ref_name}}
    runs-on: latchkey-small
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@v3
      # GITHUB_REF is defined here:
      # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables
      - run: git archive --format zip    --prefix "grpc-web-$TAG/" --output "grpc-web-source-${TAG}.zip"    "$GITHUB_REF"
      - run: git archive --format tar.gz --prefix "grpc-web-$TAG/" --output "grpc-web-source-${TAG}.tar.gz" "$GITHUB_REF"
      - run: gh release upload "${TAG}" "grpc-web-source-${TAG}.zip" "grpc-web-source-${TAG}.tar.gz"
        env:
          GH_TOKEN: ${{ github.token }}
 

What changed

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow