Skip to content
Latchkey

Pull request workflow workflow (ipfs/awesome-ipfs)

The Pull request workflow workflow from ipfs/awesome-ipfs, explained and optimized by Latchkey.

C

CI health: C - fair

Point runs-on at Latchkey and get caching, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: ipfs/awesome-ipfs.github/workflows/pull_requests.ymlLicense CC0-1.0View source

What it does

This is the Pull request workflow workflow from the ipfs/awesome-ipfs repository, a real project running GitHub Actions. It is shown here with attribution under its CC0-1.0 license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)

name: Pull request workflow

on:
  pull_request_target:
    types: [ opened, synchronize, reopened ]
    branches: [ master, main ]

jobs:
  run-awesome-bot:
    runs-on: ubuntu-latest
    if: "!contains(github.event.head_commit.message, '[skip ci]')"
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: 13
      - name: Set up Ruby 3.1.2
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: 3.1.2
      - name: Install and run awesome_bot
        # It's okay for awesome_bot to fail (for maintainers only). Danger will post a comment on the PR (for maintainers only) if it fails.
        run: |
          gem install awesome_bot
          # Only fail the pull request if $DANGER_GITHUB_API_TOKEN is empty
          awesome_bot --allow 429 --allow-redirect --allow-dupe --allow-ssl -w ipfs.io README.md || [ -n $DANGER_GITHUB_API_TOKEN ]
        env:
          DANGER_GITHUB_API_TOKEN: ${{ secrets.DANGER_GITHUB_API_TOKEN }}
      - name: Run danger
        if: always()
        # see https://github.com/danger/danger/issues/1103
        # see https://github.com/danger/danger/blob/master/.github/workflows/CI.yml#L38-L41
        run: |
          TOKEN='7469b4e94ce21b43e3ab7a'
          TOKEN+='79960c12a1e067f2ec'
          SECRET_TOKEN="${DANGER_GITHUB_API_TOKEN:-$GITHUB_TOKEN}"
          DANGER_GITHUB_API_TOKEN=${SECRET_TOKEN:-$TOKEN} RUNNING_IN_ACTIONS=true npm run ci:danger || echo "Skipping Danger for External Contributor"
        env:
          DANGER_GITHUB_API_TOKEN: ${{ secrets.DANGER_GITHUB_API_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

The same workflow, on Latchkey

Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.

 
name: Pull request workflow
 
on:
  pull_request_target:
    types: [ opened, synchronize, reopened ]
    branches: [ master, main ]
 
jobs:
  run-awesome-bot:
    timeout-minutes: 30
    runs-on: latchkey-small
    if: "!contains(github.event.head_commit.message, '[skip ci]')"
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Setup Node.js
        uses: actions/setup-node@v3
        with:
          cache: 'npm'
          node-version: 13
      - name: Set up Ruby 3.1.2
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: 3.1.2
      - name: Install and run awesome_bot
        # It's okay for awesome_bot to fail (for maintainers only). Danger will post a comment on the PR (for maintainers only) if it fails.
        run: |
          gem install awesome_bot
          # Only fail the pull request if $DANGER_GITHUB_API_TOKEN is empty
          awesome_bot --allow 429 --allow-redirect --allow-dupe --allow-ssl -w ipfs.io README.md || [ -n $DANGER_GITHUB_API_TOKEN ]
        env:
          DANGER_GITHUB_API_TOKEN: ${{ secrets.DANGER_GITHUB_API_TOKEN }}
      - name: Run danger
        if: always()
        # see https://github.com/danger/danger/issues/1103
        # see https://github.com/danger/danger/blob/master/.github/workflows/CI.yml#L38-L41
        run: |
          TOKEN='7469b4e94ce21b43e3ab7a'
          TOKEN+='79960c12a1e067f2ec'
          SECRET_TOKEN="${DANGER_GITHUB_API_TOKEN:-$GITHUB_TOKEN}"
          DANGER_GITHUB_API_TOKEN=${SECRET_TOKEN:-$TOKEN} RUNNING_IN_ACTIONS=true npm run ci:danger || echo "Skipping Danger for External Contributor"
        env:
          DANGER_GITHUB_API_TOKEN: ${{ secrets.DANGER_GITHUB_API_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 

What changed

1 third-party action is referenced by a movable tag. Pin it to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow