Skip to content
Latchkey

GitLab workflow (iterative/cml)

The GitLab workflow from iterative/cml, explained and optimized by Latchkey.

C

CI health: C - fair

Point runs-on at Latchkey and get run de-duplication, job timeouts, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: iterative/cml.github/workflows/gitlab.ymlLicense Apache-2.0View source

What it does

This is the GitLab workflow from the iterative/cml repository, a real project running GitHub Actions. It is shown here with attribution under its Apache-2.0 license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
name: GitLab
on: pull_request
jobs:
  gitlab:
    runs-on: ubuntu-latest
    services:
      gitlab:
        image: docker://gitlab/gitlab-ce
        ports: ['8000:8000']
        env:
          GITLAB_OMNIBUS_CONFIG: |
            external_url 'http://localhost:8000/gitlab'
            nginx['custom_nginx_config'] = '
              server {
                listen 8000;
                location /gitlab {
                  proxy_set_header Host $http_host;
                  proxy_pass http://gitlab-workhorse;
                }
              }
              '
    steps:
      - uses: actions/checkout@v3
      - name: Configure credentials
        run: |
          docker exec ${{ job.services.gitlab.id }} bin/gitlab-rails runner "
          ; user = User.find_by_username('root')
          ; user.password = '${{ github.token }}'
          ; user.password_confirmation = '${{ github.token }}'
          ; user.save!
          ; token = user.personal_access_tokens.create(scopes: [:api], name: 'Token', expires_at: 1.days.from_now)
          ; token.set_token('${{ github.token }}')
          ; token.save!
          "
      - name: Create test project
        run: |
          curl "http://localhost:8000/gitlab/api/v4/projects" \
          --header "PRIVATE-TOKEN: ${{ github.token }}" \
          --request POST \
          --get \
          --data "name=test"
      - name: Create test commit
        run: |
          curl "http://localhost:8000/gitlab/api/v4/projects/root%2Ftest/repository/files/README.md" \
          --header "PRIVATE-TOKEN: ${{ github.token }}" \
          --request POST \
          --get \
          --data "author_email=test@test" \
          --data "author_name=Test" \
          --data "branch=main" \
          --data "commit_message=Create%20README.md" \
          --data "content=Test"
      - name: Get last commit
        id: commit
        run: |
          curl "http://localhost:8000/gitlab/api/v4/projects/root%2Ftest/repository/commits/main" \
          --header "PRIVATE-TOKEN: ${{ github.token }}" \
          --request GET \
          | jq -r .id \
          | xargs -0 printf "hash=%s" >> $GITHUB_OUTPUT
      - run: npm ci
      - name: Run cml-send-comment
        run: |
          node bin/cml.js send-comment \
          --token=${{ github.token }} \
          --repo=http://localhost:8000/gitlab/root/test \
          --commit-sha=${{ steps.commit.outputs.hash }} \
          --driver=gitlab \
          <(echo message)

The same workflow, on Latchkey

Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.

name: GitLab
on: pull_request
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 
jobs:
  gitlab:
    timeout-minutes: 30
    runs-on: latchkey-small
    services:
      gitlab:
        image: docker://gitlab/gitlab-ce
        ports: ['8000:8000']
        env:
          GITLAB_OMNIBUS_CONFIG: |
            external_url 'http://localhost:8000/gitlab'
            nginx['custom_nginx_config'] = '
              server {
                listen 8000;
                location /gitlab {
                  proxy_set_header Host $http_host;
                  proxy_pass http://gitlab-workhorse;
                }
              }
              '
    steps:
      - uses: actions/checkout@v3
      - name: Configure credentials
        run: |
          docker exec ${{ job.services.gitlab.id }} bin/gitlab-rails runner "
          ; user = User.find_by_username('root')
          ; user.password = '${{ github.token }}'
          ; user.password_confirmation = '${{ github.token }}'
          ; user.save!
          ; token = user.personal_access_tokens.create(scopes: [:api], name: 'Token', expires_at: 1.days.from_now)
          ; token.set_token('${{ github.token }}')
          ; token.save!
          "
      - name: Create test project
        run: |
          curl "http://localhost:8000/gitlab/api/v4/projects" \
          --header "PRIVATE-TOKEN: ${{ github.token }}" \
          --request POST \
          --get \
          --data "name=test"
      - name: Create test commit
        run: |
          curl "http://localhost:8000/gitlab/api/v4/projects/root%2Ftest/repository/files/README.md" \
          --header "PRIVATE-TOKEN: ${{ github.token }}" \
          --request POST \
          --get \
          --data "author_email=test@test" \
          --data "author_name=Test" \
          --data "branch=main" \
          --data "commit_message=Create%20README.md" \
          --data "content=Test"
      - name: Get last commit
        id: commit
        run: |
          curl "http://localhost:8000/gitlab/api/v4/projects/root%2Ftest/repository/commits/main" \
          --header "PRIVATE-TOKEN: ${{ github.token }}" \
          --request GET \
          | jq -r .id \
          | xargs -0 printf "hash=%s" >> $GITHUB_OUTPUT
      - run: npm ci
      - name: Run cml-send-comment
        run: |
          node bin/cml.js send-comment \
          --token=${{ github.token }} \
          --repo=http://localhost:8000/gitlab/root/test \
          --commit-sha=${{ steps.commit.outputs.hash }} \
          --driver=gitlab \
          <(echo message)
 

What changed

What Latchkey heals here

This workflow has steps that commonly fail on transient issues (network, registries, flaky browsers). On Latchkey managed runners they are detected, retried, and self-healed instead of failing your build:

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow