test workflow (porsager/postgres)
The test workflow from porsager/postgres, explained and optimized by Latchkey.
CI health: F - at risk
Point runs-on at Latchkey and get caching, run de-duplication, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.
What it does
This is the test workflow from the porsager/postgres repository, a real project running GitHub Actions. It is shown here with attribution under its Unlicense license.
Below, Latchkey shows a faster, safer version produced by its optimization engine.
The workflow
name: test
on: [push, pull_request]
jobs:
test:
name: Node v${{ matrix.node }} on PostgreSQL v${{ matrix.postgres }}
strategy:
fail-fast: false
matrix:
node: ['12', '14', '16', '18', '20', '21', '22', '23', '24']
postgres: ['12', '13', '14', '15', '16', '17']
runs-on: ubuntu-latest
services:
postgres:
image: postgres:${{ matrix.postgres }}
env:
POSTGRES_USER: postgres
POSTGRES_HOST_AUTH_METHOD: trust
ports:
- 5433:5432
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- uses: actions/checkout@v4
- run: |
date
sudo apt purge postgresql-16
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
sudo apt-get update
sudo apt-get -y install "postgresql-${{ matrix.postgres }}"
sudo cp ./tests/pg_hba.conf /etc/postgresql/${{ matrix.postgres }}/main/pg_hba.conf
sudo sed -i 's/.*wal_level.*/wal_level = logical/' /etc/postgresql/${{ matrix.postgres }}/main/postgresql.conf
sudo sed -i 's/.*max_prepared_transactions.*/max_prepared_transactions = 100/' /etc/postgresql/${{ matrix.postgres }}/main/postgresql.conf
sudo sed -i 's/.*ssl = .*/ssl = on/' /etc/postgresql/${{ matrix.postgres }}/main/postgresql.conf
openssl req -new -x509 -nodes -days 365 -text -subj "/CN=localhost" -extensions v3_req -config <(cat /etc/ssl/openssl.cnf <(printf "\n[v3_req]\nbasicConstraints=critical,CA:TRUE\nkeyUsage=nonRepudiation,digitalSignature,keyEncipherment\nsubjectAltName=DNS:localhost")) -keyout server.key -out server.crt
sudo cp server.key /etc/postgresql/${{ matrix.postgres }}/main/server.key
sudo cp server.crt /etc/postgresql/${{ matrix.postgres }}/main/server.crt
sudo chmod og-rwx /etc/postgresql/${{ matrix.postgres }}/main/server.key
sudo systemctl start postgresql.service
sudo systemctl status postgresql.service
pg_isready
sudo -u postgres psql -c "SHOW hba_file;"
- uses: denoland/setup-deno@v1
with:
deno-version: v1.x
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- run: npm test
env:
PGUSER: postgres
PGSOCKET: /var/run/postgresql
The same workflow, on Latchkey
Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.
name: test on: [push, pull_request] concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test: timeout-minutes: 30 name: Node v${{ matrix.node }} on PostgreSQL v${{ matrix.postgres }} strategy: fail-fast: false matrix: node: ['12', '14', '16', '18', '20', '21', '22', '23', '24'] postgres: ['12', '13', '14', '15', '16', '17'] runs-on: latchkey-small services: postgres: image: postgres:${{ matrix.postgres }} env: POSTGRES_USER: postgres POSTGRES_HOST_AUTH_METHOD: trust ports: - 5433:5432 options: >- --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 steps: - uses: actions/checkout@v4 - run: | date sudo apt purge postgresql-16 sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list' wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add - sudo apt-get update sudo apt-get -y install "postgresql-${{ matrix.postgres }}" sudo cp ./tests/pg_hba.conf /etc/postgresql/${{ matrix.postgres }}/main/pg_hba.conf sudo sed -i 's/.*wal_level.*/wal_level = logical/' /etc/postgresql/${{ matrix.postgres }}/main/postgresql.conf sudo sed -i 's/.*max_prepared_transactions.*/max_prepared_transactions = 100/' /etc/postgresql/${{ matrix.postgres }}/main/postgresql.conf sudo sed -i 's/.*ssl = .*/ssl = on/' /etc/postgresql/${{ matrix.postgres }}/main/postgresql.conf openssl req -new -x509 -nodes -days 365 -text -subj "/CN=localhost" -extensions v3_req -config <(cat /etc/ssl/openssl.cnf <(printf "\n[v3_req]\nbasicConstraints=critical,CA:TRUE\nkeyUsage=nonRepudiation,digitalSignature,keyEncipherment\nsubjectAltName=DNS:localhost")) -keyout server.key -out server.crt sudo cp server.key /etc/postgresql/${{ matrix.postgres }}/main/server.key sudo cp server.crt /etc/postgresql/${{ matrix.postgres }}/main/server.crt sudo chmod og-rwx /etc/postgresql/${{ matrix.postgres }}/main/server.key sudo systemctl start postgresql.service sudo systemctl status postgresql.service pg_isready sudo -u postgres psql -c "SHOW hba_file;" - uses: denoland/setup-deno@v1 with: deno-version: v1.x - uses: actions/setup-node@v4 with: cache: 'npm' node-version: ${{ matrix.node }} - run: npm test env: PGUSER: postgres PGSOCKET: /var/run/postgresql
What changed
- Run on Latchkey managed runners with one line (
runs-on), which apply the fixes below automatically and self-heal transient failures. This example useslatchkey-small; pick the runner size that fits the job. - Cancel superseded runs when a branch or PR gets a newer push.
- Cache dependency installs on the setup step so they are served from cache.
- Add a job timeout so a hung step cannot burn hours of runner time.
1 third-party action is referenced by a movable tag. Pin it to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.
What Latchkey heals here
This workflow has steps that commonly fail on transient issues (network, registries, flaky browsers). On Latchkey managed runners they are detected, retried, and self-healed instead of failing your build:
- Dependency installs
- Network fetches
This workflow runs 1 job (54 with the matrix expanded) per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.