-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathA11Y_SHIFT_LEFT_WORKFLOW.yml
More file actions
73 lines (64 loc) · 1.71 KB
/
A11Y_SHIFT_LEFT_WORKFLOW.yml
File metadata and controls
73 lines (64 loc) · 1.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
name: Accessibility Shift-Left
on:
pull_request:
paths:
- "**/*.html"
- "**/*.md"
- "**/*.js"
- "**/*.jsx"
- "**/*.ts"
- "**/*.tsx"
- "**/*.vue"
- "**/*.svelte"
- ".github/workflows/**"
push:
branches: [main]
schedule:
- cron: "0 6 * * 1"
workflow_dispatch:
permissions:
contents: read
jobs:
a11y-ci-gate:
name: A11y PR Gate
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: "22"
cache: "npm"
- name: Install dependencies
run: npm ci
- name: Run accessibility checks
run: npm run test:a11y
accessibility-scanner:
name: GitHub Accessibility Scanner
if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Run scanner
uses: github/accessibility-scanner@v2
with:
url: ${{ vars.ACCESSIBILITY_SCAN_URL }}
repo_token: ${{ secrets.GH_TOKEN }}
# Optional auth inputs for gated sites:
# login_url: ${{ vars.ACCESSIBILITY_LOGIN_URL }}
# username: ${{ secrets.ACCESSIBILITY_USERNAME }}
# password: ${{ secrets.ACCESSIBILITY_PASSWORD }}
required-check-summary:
name: Required Check Summary
runs-on: ubuntu-latest
needs: [a11y-ci-gate]
if: always()
steps:
- name: Enforce gate outcome
run: |
if [ "${{ needs.a11y-ci-gate.result }}" != "success" ]; then
echo "A11y PR gate failed."
exit 1
fi