Accessibility Tests #80
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Accessibility Tests | |
on: | |
workflow_dispatch: | |
schedule: | |
- cron: '0 3 * * 0' # Run every Sunday at 3am | |
jobs: | |
pally: | |
name: Pa11y accessibility tests | |
environment: qa | |
env: | |
RAILS_ENV: test | |
HTTP_BASIC_USER: ${{ secrets.HTTP_BASIC_USER }} | |
HTTP_BASIC_PASSWORD: ${{ secrets.HTTP_BASIC_PASSWORD }} | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Prepare application environment | |
uses: ./.github/actions/prepare-app-env | |
with: | |
skip-ruby: true | |
- name: Install pa11y-ci | |
run: | | |
npm install --global --unsafe-perm pa11y-ci | |
mkdir /tmp/pa11y | |
- name: Run Pa11y accessibility tests against QA sitemap pages | |
run: | | |
pa11y-ci --config=.pa11yci \ | |
--sitemap https://$HTTP_BASIC_USER:[email protected]/sitemap.xml \ | |
--sitemap-find qa.teaching \ | |
--sitemap-replace $HTTP_BASIC_USER:[email protected] \ | |
--sitemap-exclude teaching-jobs-in- \ | |
> report.txt | |
- name: Report Pa11y accessibility test results | |
run: cat report.txt && ((`cat report.txt | grep sign-in | wc -l`<2)) || exit 1 | |
- name: Configure AWS credentials | |
if: failure() | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-west-2 | |
role-to-assume: Deployments | |
role-duration-seconds: 3600 | |
role-skip-session-tagging: true | |
- name: Get secrets from AWS ParameterStore | |
if: failure() | |
uses: dkershner6/aws-ssm-getparameters-action@v2 | |
with: | |
parameterPairs: "/teaching-vacancies/github_action/infra/slack_webhook = SLACK_WEBHOOK" | |
- name: Set environment variables from build output | |
if: failure() | |
run: | | |
echo "LINK_TO_RUN=https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" >> $GITHUB_ENV | |
- name: Notify twd_tv_dev channel on Pa11y test failures | |
if: failure() | |
uses: rtCamp/[email protected] | |
env: | |
SLACK_CHANNEL: twd_tv_dev | |
SLACK_USERNAME: CI Accessiblity Tests | |
SLACK_TITLE: Pa11y tests failures | |
SLACK_MESSAGE: | | |
Pa11y accessibility tests failed against QA environment <!channel> | |
See: <${{ env.LINK_TO_RUN }}|Workflow run> | |
SLACK_WEBHOOK: ${{env.SLACK_WEBHOOK}} | |
SLACK_COLOR: failure | |
axe: | |
name: Axe accessibility tests | |
environment: qa | |
env: | |
RAILS_ENV: test | |
HTTP_BASIC_USER: ${{ secrets.HTTP_BASIC_USER }} | |
HTTP_BASIC_PASSWORD: ${{ secrets.HTTP_BASIC_PASSWORD }} | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Prepare application environment | |
uses: ./.github/actions/prepare-app-env | |
with: | |
skip-ruby: true | |
- name: Install axe-core and sitemap-urls | |
run: npm install -g @axe-core/cli sitemap-urls | |
- name: Get list of URLs to test against from QA sitemap | |
run: | | |
# Gets all urls from sitemap in an array | |
urls=($(curl https://$HTTP_BASIC_USER:[email protected]/sitemap.xml | sitemap-urls)) | |
# Removes redundant sitemap urls | |
urls=("${urls[@]/*teaching-jobs-in-*}") | |
urls=("${urls[@]/*\-jobs*}") | |
# Delete empty elements | |
for i in ${!urls[@]}; do [[ -z ${urls[i]} ]] && unset urls[i]; done | |
# Transforms URLS to authenticated URLs | |
urls=("${urls[@]/qa\./$HTTP_BASIC_USER\:$HTTP_BASIC_PASSWORD\@qa\.}") | |
echo "URLS=$urls" >> $GITHUB_ENV | |
- name: Run Axe accessibility tests against QA sitemap pages | |
run: | | |
axe $(for url in "${URLS[@]}"; do echo $url, ; done;) --exit | |
- name: Configure AWS credentials | |
if: failure() | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-west-2 | |
role-to-assume: Deployments | |
role-duration-seconds: 3600 | |
role-skip-session-tagging: true | |
- name: Get secrets from AWS ParameterStore | |
if: failure() | |
uses: dkershner6/aws-ssm-getparameters-action@v2 | |
with: | |
parameterPairs: "/teaching-vacancies/github_action/infra/slack_webhook = SLACK_WEBHOOK" | |
- name: Set environment variables from build output | |
if: failure() | |
run: | | |
echo "LINK_TO_RUN=https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" >> $GITHUB_ENV | |
- name: Notify twd_tv_dev channel on Axe test failures | |
if: failure() | |
uses: rtCamp/[email protected] | |
env: | |
SLACK_CHANNEL: twd_tv_dev | |
SLACK_USERNAME: CI Accessiblity Tests | |
SLACK_TITLE: Axe tests failures | |
SLACK_MESSAGE: | | |
Axe accessibility tests failed against QA environment <!channel> | |
See: <${{ env.LINK_TO_RUN }}|Workflow run> | |
SLACK_WEBHOOK: ${{env.SLACK_WEBHOOK}} | |
SLACK_COLOR: failure | |
lighthouse: | |
name: Lighthouse tests | |
environment: qa | |
env: | |
RAILS_ENV: test | |
HTTP_BASIC_USER: ${{ secrets.HTTP_BASIC_USER }} | |
HTTP_BASIC_PASSWORD: ${{ secrets.HTTP_BASIC_PASSWORD }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Prepare application environment | |
uses: ./.github/actions/prepare-app-env | |
with: | |
skip-ruby: true | |
- name: Set lighthouse config values | |
run: | | |
encoded_auth=$(echo -n $HTTP_BASIC_USER:$HTTP_BASIC_PASSWORD | base64) | |
sed -i "s/auth_token/${encoded_auth}/g" .lighthouserc.json | |
- name: Audit URLs using Lighthouse | |
uses: treosh/lighthouse-ci-action@v12 | |
with: | |
urls: | | |
https://qa.teaching-vacancies.service.gov.uk | |
https://qa.teaching-vacancies.service.gov.uk/jobs | |
https://qa.teaching-vacancies.service.gov.uk/schools | |
uploadArtifacts: true # save results as an action artifacts | |
temporaryPublicStorage: true # upload lighthouse report to the temporary storage | |
runs: 3 | |