Skip to content
Latchkey

Build workflow (lutzroeder/netron)

The Build workflow from lutzroeder/netron, explained and optimized by Latchkey.

D

CI health: D - needs work

Point runs-on at Latchkey and get caching, run de-duplication, job timeouts, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: lutzroeder/netron.github/workflows/build.ymlLicense MITView source

What it does

This is the Build workflow from the lutzroeder/netron repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)

name: Build

on:
  push:
    branches: [ '**' ]
    tags-ignore: [ '**' ]
  pull_request:
    branches: [ main ]

jobs:
  build:
    name: Build
    runs-on: ${{ matrix.os }}
    timeout-minutes: 30

    strategy:
      matrix:
        os: [ macos-latest, ubuntu-latest, windows-latest ]

    steps:
      - name: Clone Git repository
        uses: actions/checkout@v4

      - name: Install Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '24.15'

      - name: Install Python
        uses: actions/setup-python@v5
        with:
          python-version: 3.x

      - name: Install Packages
        run: npm run install

      - name: Validate
        run: npm run validate

      - name: Build Python Server
        run: npm run build python

      - name: Build Electron
        shell: bash
        run: |
          npx electron-builder install-app-deps
          case "${{ matrix.os }}" in
            macos*)
              npm run build electron mac
              ;;
            ubuntu*)
              sudo apt-get install rpm --yes
              npm run build electron linux
              ;;
            windows*)
              npm run build electron windows
              ;;
          esac

  analyze:
    name: Analyze
    runs-on: ubuntu-latest

    permissions:
      security-events: write

    strategy:
      fail-fast: false
      matrix:
        language: [ 'javascript', 'python' ]

    steps:
      - name: Clone Git repository
        uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}

      - name: Autobuild
        uses: github/codeql-action/autobuild@v3

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3

The same workflow, on Latchkey

Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.

 
name: Build
 
on:
  push:
    branches: [ '**' ]
    tags-ignore: [ '**' ]
  pull_request:
    branches: [ main ]
 
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 
jobs:
  build:
    name: Build
    runs-on: ${{ matrix.os }}
    timeout-minutes: 30
 
    strategy:
      matrix:
        os: [ macos-latest, ubuntu-latest, windows-latest ]
 
    steps:
      - name: Clone Git repository
        uses: actions/checkout@v4
 
      - name: Install Node.js
        uses: actions/setup-node@v4
        with:
          cache: 'npm'
          node-version: '24.15'
 
      - name: Install Python
        uses: actions/setup-python@v5
        with:
          python-version: 3.x
 
      - name: Install Packages
        run: npm run install
 
      - name: Validate
        run: npm run validate
 
      - name: Build Python Server
        run: npm run build python
 
      - name: Build Electron
        shell: bash
        run: |
          npx electron-builder install-app-deps
          case "${{ matrix.os }}" in
            macos*)
              npm run build electron mac
              ;;
            ubuntu*)
              sudo apt-get install rpm --yes
              npm run build electron linux
              ;;
            windows*)
              npm run build electron windows
              ;;
          esac
 
  analyze:
    timeout-minutes: 30
    name: Analyze
    runs-on: latchkey-small
 
    permissions:
      security-events: write
 
    strategy:
      fail-fast: false
      matrix:
        language: [ 'javascript', 'python' ]
 
    steps:
      - name: Clone Git repository
        uses: actions/checkout@v4
 
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
 
      - name: Autobuild
        uses: github/codeql-action/autobuild@v3
 
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3
 

What changed

What Latchkey heals here

This workflow has steps that commonly fail on transient issues (network, registries, flaky browsers). On Latchkey managed runners they are detected, retried, and self-healed instead of failing your build:

This workflow runs 2 jobs (5 with the matrix expanded) per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow