Skip to content
Latchkey

CI workflow (horsicq/Detect-It-Easy)

The CI workflow from horsicq/Detect-It-Easy, explained and optimized by Latchkey.

F

CI health: F - at risk

Point runs-on at Latchkey and get caching, run de-duplication, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: horsicq/Detect-It-Easy.github/workflows/update_db.ymlLicense MITView source

What it does

This is the CI workflow from the horsicq/Detect-It-Easy repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
# This is a basic workflow to help you get started with Actions


name: CI


# Controls when the workflow will run

on:
    # Triggers the workflow on push or pull request events but only for the "main" branch

    push:
        branches: ["master"]


    # Allows you to run this workflow manually from the Actions tab

    workflow_dispatch:

# A workflow run is made up of one or more jobs that can run sequentially or in parallel

jobs:
    # This workflow contains a single job called "build"

    build:
        # The type of runner that the job will run on

        runs-on: ubuntu-latest


        # Steps represent a sequence of tasks that will be executed as part of the job

        steps:
            - name: Set up Python

              uses: actions/setup-python@v4

              with:
                  python-version: "3.13"

            # Set git to use CRLF line endings

            - name: Configure git CRLF

              run: |

                  git config --global core.autocrlf true


            # Clone Detect-It-Easy repository

            - name: Clone Detect-It-Easy

              run: |

                  git clone https://github.com/horsicq/Detect-It-Easy DIE


            # Create zip archives

            - name: Create zip archives

              run: |

                  cd DIE

                  zip -r ../db.zip db

                  zip -r ../db_extra.zip db_extra

                  cd ..

                  ls -la *.zip  # Verify the zip files were created

            # Calculate MD5 checksums

            - name: Calculate MD5 checksums

              id: md5

              run: |

                  DB_MD5=$(md5sum db.zip | awk '{print $1}')

                  DB_EXTRA_MD5=$(md5sum db_extra.zip | awk '{print $1}')

                  echo "DB_MD5=$DB_MD5" >> $GITHUB_OUTPUT

                  echo "DB_EXTRA_MD5=$DB_EXTRA_MD5" >> $GITHUB_OUTPUT

                  echo "$DB_MD5" >> db.zip.md5

                  echo "$DB_EXTRA_MD5" >> db_extra.zip.md5


            - name: Generate DB Stats

              run: |

                  cd DIE

                  cd autotools/dbupdater

                  python --version

                  python task.py '../../db' > '../../../db_stat.txt'

                  python task.py '../../db_extra' > '../../../db_extra_stat.txt'


            # Get the current date for the update message

            - name: Get current date

              id: date

              run: echo "DATE=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT


            # Read database stats

            - name: Read database stats

              id: dbstats

              run: |

                  DB_STATS=$(cat db_stat.txt)

                  DB_EXTRA_STATS=$(cat db_extra_stat.txt)

                  echo "DB_STATS<<EOF" >> $GITHUB_OUTPUT

                  echo "$DB_STATS" >> $GITHUB_OUTPUT

                  echo "EOF" >> $GITHUB_OUTPUT

                  echo "DB_EXTRA_STATS<<EOF" >> $GITHUB_OUTPUT

                  echo "$DB_EXTRA_STATS" >> $GITHUB_OUTPUT

                  echo "EOF" >> $GITHUB_OUTPUT


            # Update the "Current database" pre-release

            - name: Update Database Release

              uses: softprops/action-gh-release@v3

              with:
                  files: |

                      db.zip

                      db.zip.md5

                      db_extra.zip

                      db_extra.zip.md5

                  name: "Current database"

                  tag_name: current-database

                  body: |

                      - db.zip: `${{ steps.md5.outputs.DB_MD5 }}`

                      - db_extra.zip: `${{ steps.md5.outputs.DB_EXTRA_MD5 }}`


                      Last updated: ${{ steps.date.outputs.DATE }}


                      This pre-release contains the latest database files from Detect-It-Easy:
                      - db.zip: Contains main database files


                      ${{ steps.dbstats.outputs.DB_STATS }}


                      - db_extra.zip: Contains extra database files


                      ${{ steps.dbstats.outputs.DB_EXTRA_STATS }}

                  draft: false

                  prerelease: true

              env:
                  GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}

The same workflow, on Latchkey

Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.

# This is a basic workflow to help you get started with Actions



name: CI



# Controls when the workflow will run

on:

    # Triggers the workflow on push or pull request events but only for the "main" branch

    push:

        branches: ["master"]



    # Allows you to run this workflow manually from the Actions tab

    workflow_dispatch:



# A workflow run is made up of one or more jobs that can run sequentially or in parallel

concurrency:

    group: ${{ github.workflow }}-${{ github.ref }}

    cancel-in-progress: true



jobs:

    # This workflow contains a single job called "build"

    build:

        timeout-minutes: 30

        # The type of runner that the job will run on

        runs-on: latchkey-small



        # Steps represent a sequence of tasks that will be executed as part of the job

        steps:

            - name: Set up Python

              uses: actions/setup-python@v4

              with:

                  cache: 'pip'

                  python-version: "3.13"

            # Set git to use CRLF line endings

            - name: Configure git CRLF

              run: |

                  git config --global core.autocrlf true



            # Clone Detect-It-Easy repository

            - name: Clone Detect-It-Easy

              run: |

                  git clone https://github.com/horsicq/Detect-It-Easy DIE



            # Create zip archives

            - name: Create zip archives

              run: |

                  cd DIE

                  zip -r ../db.zip db

                  zip -r ../db_extra.zip db_extra

                  cd ..

                  ls -la *.zip  # Verify the zip files were created

            # Calculate MD5 checksums

            - name: Calculate MD5 checksums

              id: md5

              run: |

                  DB_MD5=$(md5sum db.zip | awk '{print $1}')

                  DB_EXTRA_MD5=$(md5sum db_extra.zip | awk '{print $1}')

                  echo "DB_MD5=$DB_MD5" >> $GITHUB_OUTPUT

                  echo "DB_EXTRA_MD5=$DB_EXTRA_MD5" >> $GITHUB_OUTPUT

                  echo "$DB_MD5" >> db.zip.md5

                  echo "$DB_EXTRA_MD5" >> db_extra.zip.md5



            - name: Generate DB Stats

              run: |

                  cd DIE

                  cd autotools/dbupdater

                  python --version

                  python task.py '../../db' > '../../../db_stat.txt'

                  python task.py '../../db_extra' > '../../../db_extra_stat.txt'



            # Get the current date for the update message

            - name: Get current date

              id: date

              run: echo "DATE=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT



            # Read database stats

            - name: Read database stats

              id: dbstats

              run: |

                  DB_STATS=$(cat db_stat.txt)

                  DB_EXTRA_STATS=$(cat db_extra_stat.txt)

                  echo "DB_STATS<<EOF" >> $GITHUB_OUTPUT

                  echo "$DB_STATS" >> $GITHUB_OUTPUT

                  echo "EOF" >> $GITHUB_OUTPUT

                  echo "DB_EXTRA_STATS<<EOF" >> $GITHUB_OUTPUT

                  echo "$DB_EXTRA_STATS" >> $GITHUB_OUTPUT

                  echo "EOF" >> $GITHUB_OUTPUT



            # Update the "Current database" pre-release

            - name: Update Database Release

              uses: softprops/action-gh-release@v3

              with:

                  files: |

                      db.zip

                      db.zip.md5

                      db_extra.zip

                      db_extra.zip.md5

                  name: "Current database"

                  tag_name: current-database

                  body: |

                      - db.zip: `${{ steps.md5.outputs.DB_MD5 }}`

                      - db_extra.zip: `${{ steps.md5.outputs.DB_EXTRA_MD5 }}`



                      Last updated: ${{ steps.date.outputs.DATE }}



                      This pre-release contains the latest database files from Detect-It-Easy:

                      - db.zip: Contains main database files



                      ${{ steps.dbstats.outputs.DB_STATS }}



                      - db_extra.zip: Contains extra database files



                      ${{ steps.dbstats.outputs.DB_EXTRA_STATS }}

                  draft: false

                  prerelease: true

              env:

                  GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}

 

What changed

1 third-party action is referenced by a movable tag. Pin it to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow