Skip to content
Latchkey

Backport workflow (python-poetry/poetry)

The Backport workflow from python-poetry/poetry, explained and optimized by Latchkey.

A

CI health: A - excellent

Point runs-on at Latchkey and get job timeouts, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: python-poetry/poetry.github/workflows/backport.yamlLicense MITView source

What it does

This is the Backport workflow from the python-poetry/poetry repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
name: Backport

on:
  pull_request_target:  # zizmor: ignore[dangerous-triggers]
    types:
      - closed
      - labeled

# we create the token we need later on
permissions: {}

jobs:
  backport:
    name: Create backport
    runs-on: ubuntu-latest
    # This workflow only applies to merged PRs; and triggers on a PR being closed, or the backport label being applied.
    # See https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target.
    if: >
      github.event.pull_request.merged
      && (
        github.event.action == 'closed'
        ||
          (github.event.action == 'labeled' && contains(github.event.label.name, 'backport/')
        )
      )
    steps:
      - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
        id: app-token
        with:
          app-id: ${{ secrets.POETRY_TOKEN_APP_ID }}
          private-key: ${{ secrets.POETRY_TOKEN_APP_KEY }}
      - uses: tibdex/backport@9565281eda0731b1d20c4025c43339fb0a23812e # v2.0.4
        with:
          github_token: ${{ steps.app-token.outputs.token }}
          title_template: "[<%= base %>] <%= title %>"
          label_pattern: "^backport/(?<base>([^ ]+))$"

The same workflow, on Latchkey

Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.

name: Backport
 
on:
  pull_request_target:  # zizmor: ignore[dangerous-triggers]
    types:
      - closed
      - labeled
 
# we create the token we need later on
permissions: {}
 
jobs:
  backport:
    timeout-minutes: 30
    name: Create backport
    runs-on: latchkey-small
    # This workflow only applies to merged PRs; and triggers on a PR being closed, or the backport label being applied.
    # See https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target.
    if: >
      github.event.pull_request.merged
      && (
        github.event.action == 'closed'
        ||
          (github.event.action == 'labeled' && contains(github.event.label.name, 'backport/')
        )
      )
    steps:
      - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
        id: app-token
        with:
          app-id: ${{ secrets.POETRY_TOKEN_APP_ID }}
          private-key: ${{ secrets.POETRY_TOKEN_APP_KEY }}
      - uses: tibdex/backport@9565281eda0731b1d20c4025c43339fb0a23812e # v2.0.4
        with:
          github_token: ${{ steps.app-token.outputs.token }}
          title_template: "[<%= base %>] <%= title %>"
          label_pattern: "^backport/(?<base>([^ ]+))$"
 

What changed

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow