validate workflow (testing-library/jest-dom)
The validate workflow from testing-library/jest-dom, explained and optimized by Latchkey.
CI health: F - at risk
Point runs-on at Latchkey and get caching, run de-duplication, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.
What it does
This is the validate workflow from the testing-library/jest-dom repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.
Below, Latchkey shows a faster, safer version produced by its optimization engine.
The workflow
name: validate
on:
push:
branches:
- '+([0-9])?(.{+([0-9]),x}).x'
- 'main'
- 'next'
- 'next-major'
- 'beta'
- 'alpha'
- '!all-contributors/**'
pull_request: {}
permissions: {}
jobs:
main:
permissions:
contents: read
# ignore all-contributors PRs
if: ${{ !contains(github.head_ref, 'all-contributors') }}
strategy:
matrix:
node: [14, 16, 18, 20, 22, 24]
runs-on: ubuntu-latest
steps:
- name: ⬇️ Checkout repo
uses: actions/checkout@v4
- name: ⎔ Setup node
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- name: 📥 Download deps
uses: bahmutov/npm-install@v1
with:
useLockFile: false
- name: ▶️ Run validate script
run: npm run validate
env:
FORCE_COLOR: true
- name: ⬆️ Upload coverage report
uses: codecov/codecov-action@v4
with:
fail_ci_if_error: true
token: ${{ secrets.CODECOV_TOKEN }}
release:
permissions:
id-token: write # required for npm trusted publishing
contents: write # to create release tags
issues: write # to post semantic-release failure/success issues
pull-requests: write # to comment on released pull requests
needs: main
runs-on: ubuntu-latest
if:
${{ github.repository == 'testing-library/jest-dom' &&
contains('refs/heads/main,refs/heads/beta,refs/heads/next,refs/heads/alpha',
github.ref) && github.event_name == 'push' }}
steps:
- name: ⬇️ Checkout repo
uses: actions/checkout@v4
- name: ⎔ Setup node
uses: actions/setup-node@v4
with:
node-version: 24
- name: 📥 Download deps
uses: bahmutov/npm-install@v1
with:
useLockFile: false
- name: 🏗 Run build script
run: npm run build
- name: 🚀 Release
uses: cycjimmy/semantic-release-action@v5
with:
semantic_version: 25
branches: |
[
'+([0-9])?(.{+([0-9]),x}).x',
'main',
'next',
'next-major',
{name: 'beta', prerelease: true},
{name: 'alpha', prerelease: true}
]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
The same workflow, on Latchkey
Estimated ~20% faster on cache hits, plus fewer wasted runs and a safer supply chain. Added and changed lines are highlighted.
name: validate on: push: branches: - '+([0-9])?(.{+([0-9]),x}).x' - 'main' - 'next' - 'next-major' - 'beta' - 'alpha' - '!all-contributors/**' pull_request: {} permissions: {} concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: main: timeout-minutes: 30 permissions: contents: read # ignore all-contributors PRs if: ${{ !contains(github.head_ref, 'all-contributors') }} strategy: matrix: node: [14, 16, 18, 20, 22, 24] runs-on: latchkey-small steps: - name: ⬇️ Checkout repo uses: actions/checkout@v4 - name: ⎔ Setup node uses: actions/setup-node@v4 with: cache: 'npm' node-version: ${{ matrix.node }} - name: 📥 Download deps uses: bahmutov/npm-install@v1 with: useLockFile: false - name: ▶️ Run validate script run: npm run validate env: FORCE_COLOR: true - name: ⬆️ Upload coverage report uses: codecov/codecov-action@v4 with: fail_ci_if_error: true token: ${{ secrets.CODECOV_TOKEN }} release: timeout-minutes: 30 permissions: id-token: write # required for npm trusted publishing contents: write # to create release tags issues: write # to post semantic-release failure/success issues pull-requests: write # to comment on released pull requests needs: main runs-on: latchkey-small if: ${{ github.repository == 'testing-library/jest-dom' && contains('refs/heads/main,refs/heads/beta,refs/heads/next,refs/heads/alpha', github.ref) && github.event_name == 'push' }} steps: - name: ⬇️ Checkout repo uses: actions/checkout@v4 - name: ⎔ Setup node uses: actions/setup-node@v4 with: cache: 'npm' node-version: 24 - name: 📥 Download deps uses: bahmutov/npm-install@v1 with: useLockFile: false - name: 🏗 Run build script run: npm run build - name: 🚀 Release uses: cycjimmy/semantic-release-action@v5 with: semantic_version: 25 branches: | [ '+([0-9])?(.{+([0-9]),x}).x', 'main', 'next', 'next-major', {name: 'beta', prerelease: true}, {name: 'alpha', prerelease: true} ] env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
What changed
- Run on Latchkey managed runners with one line (
runs-on), which apply the fixes below automatically and self-heal transient failures. This example useslatchkey-small; pick the runner size that fits the job. - Cancel superseded runs when a branch or PR gets a newer push.
- Cache dependency installs on the setup step so they are served from cache.
- Add a job timeout so a hung step cannot burn hours of runner time.
3 third-party actions are referenced by a movable tag. Pin them to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.
This workflow runs 2 jobs (7 with the matrix expanded) per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.