Skip to content
Latchkey

Code Analysis workflow (ryanlelek/Raneto)

The Code Analysis workflow from ryanlelek/Raneto, explained and optimized by Latchkey.

D

CI health: D - needs work

Point runs-on at Latchkey and get caching, run de-duplication, job timeouts, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: ryanlelek/Raneto.github/workflows/analysis.ymlLicense MITView source

What it does

This is the Code Analysis workflow from the ryanlelek/Raneto repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
---
# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs

name: Code Analysis
on:
  push:
    branches: ['main']
  pull_request:
    branches: ['main']

permissions:
  contents: read

jobs:
  build:
    environment: build
    # OS List
    # https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners#standard-github-hosted-runners-for-public-repositories
    runs-on: ubuntu-latest
    steps:
      # https://github.com/marketplace/actions/checkout
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      # https://github.com/marketplace/actions/setup-node-js-environment
      - name: Use Node.js 24.x
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version: 24.x
          #cache: 'npm'
      - run: npm ci
      - run: npm run build --if-present
      - run: npm run unit
      # https://github.com/marketplace/actions/codecov
      - name: Upload coverage reports to Codecov
        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
      # https://github.com/marketplace/actions/official-fossa-action
      - name: Upload to FOSSA
        uses: fossas/fossa-action@c414b9ad82eaad041e47a7cf62a4f02411f427a0 # v1.8.0
        with:
          api-key: ${{ secrets.FOSSA_API_KEY }}

The same workflow, on Latchkey

Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.

---
# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
 
name: Code Analysis
on:
  push:
    branches: ['main']
  pull_request:
    branches: ['main']
 
permissions:
  contents: read
 
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 
jobs:
  build:
    timeout-minutes: 30
    environment: build
    # OS List
    # https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners#standard-github-hosted-runners-for-public-repositories
    runs-on: latchkey-small
    steps:
      # https://github.com/marketplace/actions/checkout
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      # https://github.com/marketplace/actions/setup-node-js-environment
      - name: Use Node.js 24.x
        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          cache: 'npm'
          node-version: 24.x
          #cache: 'npm'
      - run: npm ci
      - run: npm run build --if-present
      - run: npm run unit
      # https://github.com/marketplace/actions/codecov
      - name: Upload coverage reports to Codecov
        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
      # https://github.com/marketplace/actions/official-fossa-action
      - name: Upload to FOSSA
        uses: fossas/fossa-action@c414b9ad82eaad041e47a7cf62a4f02411f427a0 # v1.8.0
        with:
          api-key: ${{ secrets.FOSSA_API_KEY }}
 

What changed

What Latchkey heals here

This workflow has steps that commonly fail on transient issues (network, registries, flaky browsers). On Latchkey managed runners they are detected, retried, and self-healed instead of failing your build:

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow