Build and upload wheels workflow (pyvisa/pyvisa)
The Build and upload wheels workflow from pyvisa/pyvisa, explained and optimized by Latchkey.
CI health: F - at risk
Point runs-on at Latchkey and get caching, run de-duplication, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.
What it does
This is the Build and upload wheels workflow from the pyvisa/pyvisa repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.
Below, Latchkey shows a faster, safer version produced by its optimization engine.
The workflow
name: Build and upload wheels
on:
workflow_dispatch:
schedule:
- cron: "0 0 * * 3"
push:
tags:
- "*"
jobs:
build_sdist:
name: Build sdist
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v7
- name: Get history and tags for SCM versioning to work
run: |
git fetch --prune --unshallow
git fetch --depth=1 origin +refs/tags/*:refs/tags/*
- name: Setup Python
uses: actions/setup-python@v6
- name: Build sdist
run: |
pip install --upgrade pip
pip install wheel build
python -m build . -s
- name: Test sdist
run: |
pip install pytest
pip install dist/*.tar.gz
python -X dev -m pytest --pyargs pyvisa
- name: Store artifacts
uses: actions/upload-artifact@v7
with:
name: cibw-sdist
path: dist/*
build_wheel:
name: Build wheel
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v7
- name: Get history and tags for SCM versioning to work
run: |
git fetch --prune --unshallow
git fetch --depth=1 origin +refs/tags/*:refs/tags/*
- name: Setup Python
uses: actions/setup-python@v6
- name: Build wheels
run: |
pip install --upgrade pip
pip install wheel build
python -m build . -w
- name: Test wheel
run: |
pip install pytest
pip install dist/*.whl
python -X dev -m pytest --pyargs pyvisa
- name: Store artifacts
uses: actions/upload-artifact@v7
with:
name: cibw-wheels
path: dist/*.whl
publish:
if: github.event_name == 'push'
needs: [build_wheel, build_sdist]
runs-on: ubuntu-latest
environment:
name: pypi
url: https://pypi.org/p/pyvisa/
permissions:
id-token: write
steps:
- name: Download all the dists
uses: actions/download-artifact@v8.0.1
with:
pattern: cibw-*
path: dist
merge-multiple: true
- uses: pypa/gh-action-pypi-publish@release/v1
github-release:
name: >-
Sign the Python π distribution π¦ with Sigstore
and create a GitHub Release
runs-on: ubuntu-latest
needs:
- publish
permissions:
contents: write
id-token: write
steps:
- name: Download all the dists
uses: actions/download-artifact@v8.0.1
with:
pattern: cibw-*
path: dist
merge-multiple: true
- name: Sign the dists with Sigstore
uses: sigstore/gh-action-sigstore-python@v3.4.0
with:
inputs: >-
./dist/*.tar.gz
./dist/*.whl
- name: Create GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
run: >-
gh release create
'${{ github.ref_name }}'
--repo '${{ github.repository }}'
--generate-notes
- name: Upload artifact signatures to GitHub Release
env:
GITHUB_TOKEN: ${{ github.token }}
run: >-
gh release upload
'${{ github.ref_name }}' dist/**
--repo '${{ github.repository }}'
The same workflow, on Latchkey
Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.
name: Build and upload wheels on: workflow_dispatch: schedule: - cron: "0 0 * * 3" push: tags: - "*" concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: build_sdist: timeout-minutes: 30 name: Build sdist runs-on: latchkey-small steps: - name: Checkout uses: actions/checkout@v7 - name: Get history and tags for SCM versioning to work run: | git fetch --prune --unshallow git fetch --depth=1 origin +refs/tags/*:refs/tags/* - name: Setup Python uses: actions/setup-python@v6 with: cache: 'pip' - name: Build sdist run: | pip install --upgrade pip pip install wheel build python -m build . -s - name: Test sdist run: | pip install pytest pip install dist/*.tar.gz python -X dev -m pytest --pyargs pyvisa - name: Store artifacts uses: actions/upload-artifact@v7 with: name: cibw-sdist path: dist/* build_wheel: timeout-minutes: 30 name: Build wheel runs-on: latchkey-small steps: - name: Checkout uses: actions/checkout@v7 - name: Get history and tags for SCM versioning to work run: | git fetch --prune --unshallow git fetch --depth=1 origin +refs/tags/*:refs/tags/* - name: Setup Python uses: actions/setup-python@v6 with: cache: 'pip' - name: Build wheels run: | pip install --upgrade pip pip install wheel build python -m build . -w - name: Test wheel run: | pip install pytest pip install dist/*.whl python -X dev -m pytest --pyargs pyvisa - name: Store artifacts uses: actions/upload-artifact@v7 with: name: cibw-wheels path: dist/*.whl publish: timeout-minutes: 30 if: github.event_name == 'push' needs: [build_wheel, build_sdist] runs-on: latchkey-small environment: name: pypi url: https://pypi.org/p/pyvisa/ permissions: id-token: write steps: - name: Download all the dists uses: actions/download-artifact@v8.0.1 with: pattern: cibw-* path: dist merge-multiple: true - uses: pypa/gh-action-pypi-publish@release/v1 github-release: timeout-minutes: 30 name: >- Sign the Python π distribution π¦ with Sigstore and create a GitHub Release runs-on: latchkey-small needs: - publish permissions: contents: write id-token: write steps: - name: Download all the dists uses: actions/download-artifact@v8.0.1 with: pattern: cibw-* path: dist merge-multiple: true - name: Sign the dists with Sigstore uses: sigstore/gh-action-sigstore-python@v3.4.0 with: inputs: >- ./dist/*.tar.gz ./dist/*.whl - name: Create GitHub Release env: GITHUB_TOKEN: ${{ github.token }} run: >- gh release create '${{ github.ref_name }}' --repo '${{ github.repository }}' --generate-notes - name: Upload artifact signatures to GitHub Release env: GITHUB_TOKEN: ${{ github.token }} run: >- gh release upload '${{ github.ref_name }}' dist/** --repo '${{ github.repository }}'
What changed
- Run on Latchkey managed runners with one line (
runs-on), which apply the fixes below automatically and self-heal transient failures. This example useslatchkey-small; pick the runner size that fits the job. - Cancel superseded runs when a branch or PR gets a newer push.
- Cache dependency installs on the setup step so they are served from cache.
- Add a job timeout so a hung step cannot burn hours of runner time.
2 third-party actions are referenced by a movable tag. Pin them to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.
What Latchkey heals here
This workflow has steps that commonly fail on transient issues (network, registries, flaky browsers). On Latchkey managed runners they are detected, retried, and self-healed instead of failing your build:
- Dependency installs
This workflow runs 4 jobs per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.