Skip to content
Test

chore: Backport #36 to the v1 branch #59

Sign in to view logs

chore: Backport #36 to the v1 branch

chore: Backport #36 to the v1 branch #59

Workflow file for this run

.github/workflows/test.yml at e853352
name: Test
on:
pull_request:
types:
- opened
- reopened
- synchronize
- ready_for_review
workflow_dispatch:
permissions:
contents: write
issues: write
pull-requests: write
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: false # Allow previous workflows’ clean-up steps to complete
env:
TESTING_REPOSITORY: github/accessibility-scanner-testing
jobs:
test:
name: Test
runs-on: ubuntu-latest
# Run if triggered manually, or for a non-draft PR
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.draft == false }}
strategy:
matrix:
site: ["sites/site-with-errors"]
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Setup Ruby
uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a
with:
ruby-version: "3.4"
bundler-cache: true
working-directory: ${{ matrix.site }}
- name: Build Jekyll site (${{ matrix.site }})
shell: bash
working-directory: ${{ matrix.site }}
env:
JEKYLL_ENV: production
run: bundle exec jekyll build
- name: Start Puma (${{ matrix.site }})
shell: bash
working-directory: ${{ matrix.site }}
env:
TEST_USERNAME: ${{ secrets.TEST_USERNAME }}
TEST_PASSWORD: ${{ secrets.TEST_PASSWORD }}
run: |
set -euo pipefail
bundle exec puma -b tcp://127.0.0.1:4000 &
echo "Starting Puma on port 4000"
curl -fsS --retry 25 --retry-delay 1 --retry-all-errors -u "${TEST_USERNAME}:${TEST_PASSWORD}" "http://127.0.0.1:4000/" > /dev/null
echo "Puma has started"
- name: Generate cache key
id: cache_key
shell: bash
run: |
echo "cache_key=$(printf 'cached_findings-%s-%s.json' "${{ github.ref_name }}" "${{ matrix.site }}" | tr -cs 'A-Za-z0-9._-' '_')" >> $GITHUB_OUTPUT
- name: Scan site (${{ matrix.site }})
uses: ./
with:
urls: |
http://127.0.0.1:4000/
http://127.0.0.1:4000/jekyll/update/2025/07/30/welcome-to-jekyll.html
http://127.0.0.1:4000/about/
http://127.0.0.1:4000/404.html
login_url: http://127.0.0.1:4000/
username: ${{ secrets.TEST_USERNAME }}
password: ${{ secrets.TEST_PASSWORD }}
repository: ${{ env.TESTING_REPOSITORY }}
token: ${{ secrets.GH_TOKEN }}
cache_key: ${{ steps.cache_key.outputs.cache_key }}
- name: Retrieve cached findings
uses: github/accessibility-scanner/.github/actions/gh-cache/restore@v1
with:
path: ${{ steps.cache_key.outputs.cache_key }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Add PR URLs to findings
uses: actions/github-script@v8
with:
github-token: ${{ secrets.GH_TOKEN }}
script: |
const fs = require('fs');
if (!process.env.FINDINGS_PATH || !fs.existsSync(process.env.FINDINGS_PATH)) {
core.info("Skipping 'Add PR URLs to findings' (no cached findings).");
return;
}
const findings = JSON.parse(fs.readFileSync(process.env.FINDINGS_PATH, 'utf-8'));
for (const finding of findings) {
if (!finding.issueUrl) {
continue;
}
const { owner, repo, issueNumber } = /https:\/\/github\.com\/(?<owner>[^/]+)\/(?<repo>[^/]+)\/issues\/(?<issueNumber>\d+)/.exec(finding.issueUrl).groups;
const query = `query($owner: String!, $repo: String!, $issueNumber: Int!) {
repository(owner: $owner, name: $repo) {
issue(number: $issueNumber) {
timelineItems(first: 100, itemTypes: [CONNECTED_EVENT, CROSS_REFERENCED_EVENT]) {
nodes {
... on CrossReferencedEvent { source { ... on PullRequest { url } } }
... on ConnectedEvent { subject { ... on PullRequest { url } } }
}
}
}
}
}`;
const variables = { owner, repo, issueNumber: parseInt(issueNumber, 10) }
const result = await github.graphql(query, variables)
const timelineNodes = result?.repository?.issue?.timelineItems?.nodes || [];
const pullRequestNode = timelineNodes.find(n => n?.source?.url || n?.subject?.url);
if (pullRequestNode) {
finding.pullRequestUrl = pullRequestNode.source?.url || pullRequestNode.subject?.url;
} else {
core.info(`No pull request found for issue: ${finding.issueUrl}`);
}
}
fs.writeFileSync(process.env.FINDINGS_PATH, JSON.stringify(findings));
env:
FINDINGS_PATH: ${{ steps.cache_key.outputs.cache_key }}
- name: Validate scan results (${{ matrix.site }})
run: |
npm ci
npm run test
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
FINDINGS_PATH: ${{ steps.cache_key.outputs.cache_key }}
- name: Clean up issues and pull requests
if: ${{ always() }}
shell: bash
run: |
set -euo pipefail
if [[ ! -f "${{ steps.cache_key.outputs.cache_key }}" ]]; then
echo "Skipping 'Clean up issues and pull requests' (no cached findings)."
exit 0
fi
jq -r '
(if type=="string" then fromjson else . end)
| .[] | .issueUrl, .pullRequestUrl
| select(. != null)
' "${{ steps.cache_key.outputs.cache_key }}" \
| while read -r URL; do
if [[ "$URL" == *"/pull/"* ]]; then
echo "Closing pull request: $URL"
gh pr close "$URL" || echo "Failed to close pull request: $URL"
branch="$(gh pr view "$URL" --json headRefName -q .headRefName || true)"
if [[ -n "$branch" ]]; then
echo "Deleting branch: $branch"
gh api -X DELETE "repos/${{ env.TESTING_REPOSITORY }}/git/refs/heads/$branch" || echo "Failed to delete branch: $branch"
fi
elif [[ "$URL" == *"/issues/"* ]]; then
echo "Closing issue: $URL"
gh issue close "$URL" || echo "Failed to close issue: $URL"
else
echo "Skipping unrecognized url: $URL"
fi
done
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
- name: Clean up cached findings
if: ${{ always() }}
uses: github/accessibility-scanner/.github/actions/gh-cache/delete@v1
with:
path: ${{ steps.cache_key.outputs.cache_key }}
token: ${{ secrets.GITHUB_TOKEN }}